www.gazetadopovo.com.br Open in urlscan Pro
18.66.97.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.admin-us.cas.ms/
Effective URL:
https://www.gazetadopovo.com.br/
Submission Tags: krdprod
Submission: On October 27 via api (October 27th 2021, 6:07:59 pm UTC) from JP — Scanned from DE

Summary HTTP 497 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 75 IPs in 8 countries across 58 domains to perform 497 HTTP transactions. The main IP is 18.66.97.122, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.137.137.121 51.137.137.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.55.110.164 23.55.110.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	18.66.97.122 18.66.97.122	16509 (AMAZON-02) (AMAZON-02)
2	104.18.225.52 104.18.225.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
4	104.26.10.91 104.26.10.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
3	23.79.131.70 23.79.131.70	16625 (AKAMAI-AS) (AKAMAI-AS)
91	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
30	18.66.112.54 18.66.112.54	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.127 18.66.122.127	16509 (AMAZON-02) (AMAZON-02)
1	52.216.85.214 52.216.85.214	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.104 172.217.18.104	15169 (GOOGLE) (GOOGLE)
4	104.16.11.243 104.16.11.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
8	52.222.214.86 52.222.214.86	16509 (AMAZON-02) (AMAZON-02)
1	52.216.93.117 52.216.93.117	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
4	104.17.183.177 104.17.183.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
6	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
2 7	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	2.16.186.19 2.16.186.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.250.119 52.222.250.119	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	104.16.42.65 104.16.42.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	108.174.11.37 108.174.11.37	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
4	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
11	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
7	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
2	18.66.97.74 18.66.97.74	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
3	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1 2	18.66.112.34 18.66.112.34	16509 (AMAZON-02) (AMAZON-02)
6	18.66.97.111 18.66.97.111	16509 (AMAZON-02) (AMAZON-02)
2	52.222.214.129 52.222.214.129	16509 (AMAZON-02) (AMAZON-02)
5	18.66.112.61 18.66.112.61	16509 (AMAZON-02) (AMAZON-02)
2	18.66.97.57 18.66.97.57	16509 (AMAZON-02) (AMAZON-02)
67	13.32.99.10 13.32.99.10	16509 (AMAZON-02) (AMAZON-02)
9	23.55.110.18 23.55.110.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.233.124.69 54.233.124.69	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.79 13.32.99.79	16509 (AMAZON-02) (AMAZON-02)
10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	200.147.166.104 200.147.166.104	7162 (Universo ...) (Universo Online S.A.)
1	186.234.166.12 186.234.166.12	7162 (Universo ...) (Universo Online S.A.)
1	200.147.3.137 200.147.3.137	7162 (Universo ...) (Universo Online S.A.)
7	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
3	116.202.80.165 116.202.80.165	24940 (HETZNER-AS) (HETZNER-AS)
1	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
5 40	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	172.217.23.97 172.217.23.97	15169 (GOOGLE) (GOOGLE)
13	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
2	200.187.199.64 200.187.199.64	7162 (Universo ...) (Universo Online S.A.)
4 8	52.30.120.14 52.30.120.14	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
10	52.50.59.60 52.50.59.60	16509 (AMAZON-02) (AMAZON-02)
24	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
2 2	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
1 1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.194.126.20 54.194.126.20	16509 (AMAZON-02) (AMAZON-02)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	18.196.195.54 18.196.195.54	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	108.128.115.18 108.128.115.18	16509 (AMAZON-02) (AMAZON-02)
2	74.125.133.94 74.125.133.94	15169 (GOOGLE) (GOOGLE)
1	54.171.104.28 54.171.104.28	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
5	173.194.187.170 173.194.187.170	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.17.176.161 52.17.176.161	16509 (AMAZON-02) (AMAZON-02)
497	75

1 51.137.137.121 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.admin-us.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.55.110.164 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-164.deploy.static.akamaitechnologies.com

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.66.97.122 (United States)

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.225.52 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.26.10.91 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.79.131.70 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-131-70.deploy.static.akamaitechnologies.com

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.66.112.54 (United States)

ASN16509 (AMAZON-02, US)

media.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.127 (United States)

ASN16509 (AMAZON-02, US)

multimidia.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.85.214 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

gdp-prd-data.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.11.243 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.222.214.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-86.fra56.r.cloudfront.net

assets.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.93.117 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.183.177 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.121.37 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-119.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.42.65 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.174.11.37 (United States) 2 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.74 (United States)

ASN16509 (AMAZON-02, US)

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.34 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

0emsuhyuec.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.97.111 (United States)

ASN16509 (AMAZON-02, US)

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-129.fra56.r.cloudfront.net

comments.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.112.61 (United States)

ASN16509 (AMAZON-02, US)

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.57 (United States)

ASN16509 (AMAZON-02, US)

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 13.32.99.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-10.fra60.r.cloudfront.net

json.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.55.110.18 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-18.deploy.static.akamaitechnologies.com

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.233.124.69 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-233-124-69.sa-east-1.compute.amazonaws.com

apps.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-79.fra60.r.cloudfront.net

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 200.147.166.104 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: t.dynad.net

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.234.166.12 (Brazil)

ASN7162 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 200.147.3.137 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 200-147-3-137-137.static.uol.com.br

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.80.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.80.202.116.clients.your-server.de

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f1.1e100.net

e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.187.199.64 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 200-187-199-64.static.uol.com.br

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.30.120.14 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-120-14.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.241 (United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.50.59.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (United States) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.126.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

google.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.195.54 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.213 (Russian Federation) 1 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.torchad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.128.115.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-115-18.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f94.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.104.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-104-28.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.194.187.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s40-in-f10.1e100.net

r5---sn-4g5e6nz7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.176.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
133	gazetadopovo.com.br www.gazetadopovo.com.br media.gazetadopovo.com.br multimidia.gazetadopovo.com.br assets.gazetadopovo.com.br events-api.gazetadopovo.com.br comments.gazetadopovo.com.br json.gazetadopovo.com.br apps.gazetadopovo.com.br Failed	2 MB
91	google-analytics.com www.google-analytics.com	45 KB
46	adsafeprotected.com 4 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com unified.adsafeprotected.com pixel.adsafeprotected.com	512 KB
46	doubleclick.net 5 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net	248 KB
38	googlesyndication.com e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	188 KB
23	google.com news.google.com www.google.com play.google.com adservice.google.com	71 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	225 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	97 KB
8	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r5---sn-4g5e6nz7.c.2mdn.net	29 KB
7	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com m.t.tailtarget.com t.tailtarget.com	2 KB
7	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
6	cxense.com scdn.cxense.com cdn.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com	58 KB
5	dynad.net t.dynad.net s.dynad.net	56 KB
5	uol.com.br tm.uol.com.br tracker.bt.uol.com.br udr.uol.com.br	3 KB
5	semprefamilia.com.br www.semprefamilia.com.br	34 KB
5	amazonaws.com gdp-prd-data.s3.us-east-1.amazonaws.com s3.amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com 0emsuhyuec.execute-api.us-east-1.amazonaws.com	352 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	3 KB
4	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	137 KB
4	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com	6 KB
4	privacytools.com.br cdn.privacytools.com.br	37 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	openx.net 2 redirects us-u.openx.net	829 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	facebook.com www.facebook.com	432 B
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	314 KB
3	azureedge.net mcasproxy.azureedge.net	42 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	945 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com	1 KB
2	teads.tv sync.teads.tv	344 B
2	googletagservices.com www.googletagservices.com	74 KB
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	piano.io c2.piano.io	7 KB
2	facebook.net connect.facebook.net	113 KB
2	onesignal.com cdn.onesignal.com	71 KB
1	krxd.net beacon.krxd.net	338 B
1	torchad.com rtb2-useast.torchad.com	233 B
1	adriver.ru 1 redirects ssp.adriver.ru	342 B
1	rfihub.com 1 redirects p.rfihub.com	781 B
1	mathtag.com 1 redirects sync.mathtag.com	831 B
1	beeline.ru 1 redirects google.ops.beeline.ru	763 B
1	yieldmo.com ads.yieldmo.com	35 B
1	smaato.net 1 redirects s.ad.smaato.net	444 B
1	sonobi.com sync.go.sonobi.com	478 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	459 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	734 B
1	twitter.com analytics.twitter.com	674 B
1	t.co t.co	471 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	403 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	googletagmanager.com www.googletagmanager.com	71 KB
1	jquery.com code.jquery.com	30 KB
1	cas.ms www.gazetadopovo.com.br.admin-us.cas.ms	839 B
0	wbtrk.net Failed um.wbtrk.net Failed
0	Failed function sub() { [native code] }. Failed
497	58

	Domain	Requested by
91	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com me.jsuol.com.br
67	json.gazetadopovo.com.br	www.gazetadopovo.com.br
30	media.gazetadopovo.com.br	www.gazetadopovo.com.br
24	dt.adsafeprotected.com	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
19	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com www.googletagservices.com
18	www.gazetadopovo.com.br	www.gazetadopovo.com.br
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
11	googleads.g.doubleclick.net	www.googleadservices.com e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com www.gazetadopovo.com.br.admin-us.cas.ms
10	static.adsafeprotected.com	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com fw.adsafeprotected.com tpc.googlesyndication.com
9	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br tm.uol.com.br www.gazetadopovo.com.br.admin-us.cas.ms
8	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net
8	news.google.com	www.gazetadopovo.com.br news.google.com www.gazetadopovo.com.br.admin-us.cas.ms www.gstatic.com
8	assets.gazetadopovo.com.br	www.gazetadopovo.com.br
7	play.google.com	www.gstatic.com
7	sb.scorecardresearch.com	2 redirects www.gazetadopovo.com.br.admin-us.cas.ms www.gazetadopovo.com.br
6	events-api.gazetadopovo.com.br	gdp-prd-data.s3.us-east-1.amazonaws.com www.gazetadopovo.com.br
6	www.google.com	www.gazetadopovo.com.br tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com news.google.com
5	r5---sn-4g5e6nz7.c.2mdn.net
5	pixel.adsafeprotected.com	2 redirects static.adsafeprotected.com pixel.adsafeprotected.com
5	www.semprefamilia.com.br	www.gazetadopovo.com.br
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fw.adsafeprotected.com	2 redirects e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	cdn.privacytools.com.br	www.gazetadopovo.com.br cdn.privacytools.com.br
3	ade.googlesyndication.com
3	unified.adsafeprotected.com	imasdk.googleapis.com
3	x.bidswitch.net	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	t.dynad.net	www.gazetadopovo.com.br.admin-us.cas.ms
3	tm.uol.com.br	tm.jsuol.com.br www.gazetadopovo.com.br.admin-us.cas.ms
3	www.facebook.com	www.gazetadopovo.com.br
3	px.ads.linkedin.com	2 redirects www.gazetadopovo.com.br
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.admin-us.cas.ms mcasproxy.azureedge.net
2	csi.gstatic.com	imasdk.googleapis.com
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	s0.2mdn.net	imasdk.googleapis.com
2	www.googletagservices.com	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	s.dynad.net	t.dynad.net
2	b.t.tailtarget.com	tm.jsuol.com.br
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	cdn.cxense.com	scdn.cxense.com cdn.cxense.com
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	comments.gazetadopovo.com.br	www.gazetadopovo.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	gdp-prd-data.s3.us-east-1.amazonaws.com
2	c2.piano.io	cdn.tinypass.com
2	connect.facebook.net	www.gazetadopovo.com.br.admin-us.cas.ms connect.facebook.net
2	tag.navdmp.com	www.gazetadopovo.com.br tag.navdmp.com
2	cdn.onesignal.com	www.gazetadopovo.com.br cdn.onesignal.com
1	beacon.krxd.net
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	rtb2-useast.torchad.com	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
1	ssp.adriver.ru	1 redirects
1	p.rfihub.com	1 redirects
1	sync.mathtag.com	1 redirects
1	google.ops.beeline.ru	1 redirects
1	ads.yieldmo.com	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	sync.go.sonobi.com	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	t.tailtarget.com
1	m.t.tailtarget.com
1	id.cxense.com	scdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	udr.uol.com.br	tm.jsuol.com.br
1	p1cluster.cxense.com	cdn.cxense.com
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.admin-us.cas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	apps.gazetadopovo.com.br	www.gazetadopovo.com.br code.jquery.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	0emsuhyuec.execute-api.us-east-1.amazonaws.com	code.jquery.com
1	analytics.twitter.com	static.ads-twitter.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	t.co	www.gazetadopovo.com.br
1	www.linkedin.com	1 redirects
1	buy.tinypass.com	cdn.tinypass.com
1	static.ads-twitter.com	www.gazetadopovo.com.br.admin-us.cas.ms
1	d335luupugsy2.cloudfront.net	www.gazetadopovo.com.br.admin-us.cas.ms
1	snap.licdn.com	www.gazetadopovo.com.br.admin-us.cas.ms
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	www.gazetadopovo.com.br
1	s3.amazonaws.com	code.jquery.com
1	www.googletagmanager.com	www.gazetadopovo.com.br
1	gdp-prd-data.s3.us-east-1.amazonaws.com	www.gazetadopovo.com.br
1	multimidia.gazetadopovo.com.br	www.gazetadopovo.com.br
1	scdn.cxense.com	www.gazetadopovo.com.br
1	code.jquery.com	www.gazetadopovo.com.br
1	fonts.googleapis.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.admin-us.cas.ms
0	um.wbtrk.net Failed	e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
0	json.gazetadopovo.com.brhttps Failed	www.gazetadopovo.com.br
497	106

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
clube.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
www.umdoisesportes.com.br
confiavel.com
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
gazetadopovojornais.com.br
www.grpcom.com.br
privacytools.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-10-27` - `2022-10-22`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-06` - `2021-11-04`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
semprefamilia.com.br Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
www.uol.com.br DigiCert SHA2 Secure Server CA	`2021-09-02` - `2022-09-02`	a year	crt.sh
*.uol.com.br Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
*.jsuol.com.br RapidSSL RSA CA 2018	`2020-06-05` - `2022-08-04`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.torchad.com AlphaSSL CA - SHA256 - G2	`2021-09-20` - `2022-10-22`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2020-12-18` - `2022-01-16`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-19` - `2021-12-28`	2 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.gazetadopovo.com.br/
Frame ID: DAD2CE05EA4F4B4AA0DEEA531A443649
Requests: 329 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Frame ID: 95220B45FF5D249DB027F2BD07C4E7A1
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454266
Frame ID: F4C656F06B0308404CF576CCA0DE3BC7
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AEE657384F7DFF1133996583A38C941C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 7C3F14F0A4047BE3617264685F70BF0A
Requests: 4 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 4D87A6441421200877E75A0AE2B4F656
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 0F5BD68FBCE9B8ADF6951E4A657975F4
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: B86602F5AFC6D016BEA863633EEBA7DA
Requests: 2 HTTP requests in this frame

Frame: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1843002FC03F263FF969C0DA4AE0BA4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5D215A3C41676B2ADA8D4F9385C2301B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 297853797A51E08AA84792730553BF0E
Requests: 2 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: F5079406BFAD7821948DC31DF59582D2
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: A3E17811921B3C876F51168AED705D0C
Requests: 12 HTTP requests in this frame

Frame: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE8FE92FA77F2F9AD8DF115F16A693A2
Requests: 21 HTTP requests in this frame

Frame: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E93284A7166F3D994672A63BB3108DD
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXuKRCk7ikYv7_4rAEwAQ&v=APEucNVtC3YoCuKQI2gJa-5PydNtaQpd2yKDKo6ufURB8L9Tp64vTT9SEhHPHZQth21gZNhCcjodyJHkbiE3vKIGAyOy8gQkAQ
Frame ID: 87EDB4ADADC359B73E493FE2C63EE2AF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM3knwEQ04nIARiEkb6zATAB&v=APEucNX5YQtYWrjHVUBVJuM0YupbnHtaMeiI4yuQpG56AlIXRTYQtRNy9ui3qhfXH_fN5mulTHZjNqTRnnDbLZlfhwGvBM5LkQ
Frame ID: 572B713C76D6F76E0EDBA1BDD69FF8C7
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html
Frame ID: 8BEA73D881136B264AE6D5CF38F032A4
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB176EB67485A07784D45F92876AABC6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1E228FD62B443026B21C8A0B31FA886C
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0205B7D2F0FA8730CEAF5F06C207E00E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 88A3BF67EEE33F894016195E519316F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A48DBCFEFBB223DECC29B701F03BFB70
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F342C1452B0CEC411857141A243BA71
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Frame ID: E105526DE03C9526BD88EB55D943723C
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: AD6688289E7F50F29746477189EA73DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 29512DBA277EC8CF291A76097CA304D6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gazeta do Povo | Últimas notícias do Brasil e do Mundo

Page URL History Show full URLs

https://www.gazetadopovo.com.br.admin-us.cas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Page Statistics

497
Requests

93 %
HTTPS

0 %
IPv6

58
Domains

106
Subdomains

75
IPs

8
Countries

4980 kB
Transfer

72870 kB
Size

85
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: Clube Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/podcasts/?ref=explore
Title: Podcast DoisUm

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/brasileiro-serie-a/2021/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/brasileiro-serie-b/2021/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/copa-libertadores/2021/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/dicas-do-cartola/?ref=explore
Title: Dicas do Cartola

Search URL Search Domain Scan URL

URL: https://confiavel.com/sites-de-apostas/?ref=explore
Title: Casas de Apostas Confiáveis

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/guilherme-cunha-pereira-etica/?ref=explore
Title: Guilherme Cunha Pereira: Ética

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/filipe-figueiredo-joe-biden-relacoes-com-brasil-e-mundo/?ref=explore
Title: Filipe Figueiredo: Joe Biden

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/defesa-da-democracia-francisco-razzo/?ref=explore
Title: Francisco Razzo: Defesa da Democracia

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/paulo-cruz-religiao-politica/?ref=explore
Title: Paulo Cruz: Religião e Política

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/ebook-revolucao-dos-bichos/

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-vozes-na-gazeta
Title: Leia mais. Assine agora!

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/parana/?utm_source=gazeta-do-povo&utm_medium=componente-home2&utm_campaign=coronavirus
Title: Veja a média móvel atualizada

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/stories/flamengo-x-athletico-escalacoes-provaveis-como-assistir-data-e-horario-copa-do-brasil/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/stories/o-que-esta-em-jogo-para-o-athletico-na-semifinal-contra-o-flamengo/
Title: Dinheiro, bicampeonato, revanche: o que está em jogo para o Athletico contra o Flamengo

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/contra-o-flamengo-furacao-nao-e-franco-atirador/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/contra-o-flamengo-furacao-nao-e-franco-atirador/#comentarios
Title: 5

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/com-dois-titulares-remanescentes-athletico-busca-repetir-historia-no-maracana/
Title: Com dois titulares de 2019 remanescentes, Athletico busca repetir história no Maracanã

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/coritiba-empata-em-maceio-e-ja-pode-marcar-o-dia-da-volta/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/coritiba-empata-em-maceio-e-ja-pode-marcar-o-dia-da-volta/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/luizao-assina-renovacao-com-o-coritiba-feliz-e-motivado/
Title: Luizão assina renovação com o Coritiba: “Feliz e motivado”

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/careca-do-talco-torcedor-fluminense/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/careca-do-talco-torcedor-fluminense/#comentarios
Title: 1

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/numeros/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/pais-e-filhos/5-sinais-de-que-a-crianca-precisa-de-apoio-psicologico/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/pais-e-filhos/5-sinais-de-que-a-crianca-precisa-de-apoio-psicologico/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/pais-e-filhos/o-que-ensinar-a-criancas-e-adolescentes-quando-elas-nos-veem-perder-a-calma/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/pais-e-filhos/o-que-ensinar-a-criancas-e-adolescentes-quando-elas-nos-veem-perder-a-calma/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/stories/pasta-de-amendoim-uma-queridinha/

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=modal-salvar-para-ler-depois
Title: Conheça nossos planos e assine

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/about-gazeta-do-povo/
Title: About Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://confiavel.com/sites-de-apostas/
Title: Casas de Apostas Confiáveis

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: http://www.umdoisesportes.com.br/
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://privacytools.com.br/
Title: privacytools

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.admin-us.cas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1635358067573&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1635358067573&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1635358067677&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1635358067677%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1635358067677&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true

Request Chain 260

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 384

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1

Request Chain 385

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXmVef.ZTcuKtcd8t94ChAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1&google_hm=2

Request Chain 386

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH_7QjuA-u12RI7wzd-CUwQ&google_cver=1

Request Chain 387

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2OTM0OTE1NTgxMzYxODk2Mg%3D%3D

Request Chain 393

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKMCvgH4aFYDWH-vT72Ah_U&google_cver=1

Request Chain 394

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM0OTEyMTYtZmFiYy0yMDdiLWQxMzYtZGE1YWQ2NjY3NDk2

Request Chain 395

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEA2zY3q6jIJyVrol2NPOt68&google_cver=1

Request Chain 400

https://fw.adsafeprotected.com/rfw/bgd/742748/55595045/xbbe/creative/adj?p=APEucNVPz8CN75D5R9GMoYvxbIaZ4ZTvyftMwQImMJumAT39eMNk0tM&d=CnkAoCZ_4Pt1ljg2MibdcNblPeq1O5H1BgF_d7mwCBjqnlU8blJWsONGEFRv_ruitJBsLrlvNrWn-tdMPZpAN8eNuNTYN_kao7xi-U-MYi4W3fdxJGvGEe2jYVFKVL06aabYRDenB_cPFqHR191mi4VRcXXGBiJGYDPGEtkSAKAmf-CM1Up5_EW4lHqZP17qKn-NNoIvmHKM3_gAS8v6ErB9fls57QpCf9aDtDqvML4WTPfRvicLijqAzjVHYRzXBuiBW1fjSU-BBTTkvOE-z4isCtNlLTkQo7MoKyjAevaUKXh6SCeEYk9tPWyP1clsx3hCTRPufF2GU1QFN2a1tQk8NxO0hHg3acdo-B7Cm5NgdJmtu1WNPRMOEYOiODXwuG2sndwap4CyHGl3nEiEf9vViZZqZ3yDiEl1cZuZRw1LcTrpqqf9lii4tPqy7wmFT0BFZxTrGoantbzOVa18A328XDzm3CVqwGXpQ-y9jL6kbIrQzzQQmia0ntxN__A7CS9-5hMdrhoKqnaudZflZJ0dAYUtBGXrSwDo4CafaL0RjeYKQ3VQ0h0wc4npty8ljgQvAKuiM9WRHgQ8gDDqgm7GUomLxK2-SjMLRPWj16wI-HygB1SibMdmtm2yksi_9YS0D2IpMLIihCJrZ1hBp6rSos8qtcUC0xlLN0iCik_RFtFrKINkH10UIV24__U88TJ62qTXVPMpepyHiBSs3XvP1_46uHAOQOvFWNSmG1rb02jU6Rytww0n_3dihB9r43UdeK5iivXRNQl6oxAAwDrtVzVBmKNA6L1EaM6u5YWnbJbjvvKv01XxDLsmQAHYZxNA0oRiuATGUUTpTMaVwWTJg5N24YjbhG-vfOcs1kTWR46ab7VVMDafAbxp5IjROGSdHhwu2o3u7tHz8149pHgeB1xmSg4m1z9mnGPvFUyzZcZ_XpKSGaIhvjqhGrN69sYjhTTem2cDKjU6q_lclFjL0rV7vbyX_4FP-r7XK6jR54zUWRURdmx_-RIU0ERkbQx3UD5XbQat135M5EHOOXXqhLP9JoJV2mTJQf5EZmTOjXYgphIQg_2uDjYRX9UBtUfQtzxPxQIJaHPSTqc199gDV6VPtQy3U2g8-3saphzKfHwlO4Q64yr-lz7Xh1-ox8z_hdk97rD-SRof-cC1jGOfaQ-TmfiXHX-2qEZeszT1dqBUrb6HTLxungxIxCqBZ65hHJbcJ1ym4k2vvwWXGbm5EFRFkA_ZpvPnsMDh3WkeCZKQAbj5H1qCjmI_WbulCK20k3bcPmuL0yoS4yFxjH1sZ3zx6TuMjm2EDWxbT3MIkSd9WLZgCobv-no2eFyCFZHu1a7LIEBMhUD2TSxEyh4LZUNUXUMxkjuNHNKPq1SXZB8vQ9BfxltLIu5btGihts0GxsjOwVfkw7MujkmSKUx6xYeNbX8z4jK5LoJzIx008QqJsqowntLgZNVukdQZlUTcFekPqdMcLqD-eBwwOuU7HLWy-z1R2O7N8RMC9NrD6Nra9KdJarMO76XGWdw1vIEUqnsxjQatzRUWFSqzJNzIp53fRbrQiTZH8EHUB7EDAm3TtDyPKan9SSaxcdtUDDE-jeIhzG1Fc2Jp7Umv11dWBaLdtLeiL8kALJc7aONzfANc1r0Dq80d-WiqzuJY1SMIeMgT44jrcuyOAwDqNpVSWs3CFNtT-Owu3O2510ZNgMWO2jTBPofw5CiLgxYYxt5mkpIM9ef9G0XWGwQxEEYaz9D-ALDgs7PMj0YeASNCl3Zgp1otZHnKmovPNXpUBrgWTtToSvK1K-aCnP5v_89AEf_4K549ov-tdMKiOv5ZS9IWSM8W27a0Mlf8LANDzqSfBc32-rvld9M6sgoGXhPtOdsFm1GM5d71yexBgvlNpf69nnDt7hgeE_utGYvoQE-QTLQy6sBHS6Nkw40R5YvORj2yg5SgQRMmfK7E2oiNKfehdita2QqbmcpU8tqXFPSSLAy_nUpidqu5i9rQLBsVMAg5DTf1on4ZW-Q_ML83nzOIfJWB4RNp4P182Ch4Wn8v3WXGJsw-1LfMRVD5sKnQGYV8ukOP0yUngv0jjHAI5P5SFduv8P76ldC9WdyVdJg7dzOxbUHdgJgRrXY6r-fMbn-2H4J9sreZ0A5n_sTGivXoflQx--LUsii1RDJVLLOexPVBfiyuLXKPPS7Yn5dpXSOo1d_NcU_lkdcaDHsm1OeUQ1PuFp1p6UXb_-AqrGmvHpq-DtOO9yWSp-l4eCgEvbmvscxf_c08EirkEtrBL6ATUUIqE5byozeVA9mtxXmZ9W2IoDYlf3riW58yE377TPNxTdU1vcKJ9E2oGz9nNmjQ3PF36NqzBW0qBqyYWTwrFuKN7xdHvh1N0UqKVPTyZpCfsqs396dTOIHM9G0IM9bkfFLbsmt2OxwnkOhxagIkuq1WNVA3beW3N5iP1f0LctZQAnI3DayYEq8eWIhq5g6X5zUofIvqE_2t71sYx4Zu0f1NEVhuBdUI3Vxs3G2uUsMGOh6rjJYzdgJev94g_Ep_YhTFK6Zyvc88Y3tg4gbHgGNCf9t1xiFOEspOEaX90HPvZnb1WTb46nPlTkPppc4MeICfd3H4RYKxjMpWOWINknIjBrFGIz9KyMB2r9DB350TkJV8pzhLwYraNPWsv_L0MvGuAcuz3tBCXFLW56u5-hlJud9f3pgKBAHxhaZtpa2-pFKy3uGPypRMSJlY0D6sFaSHz2d9WssIYK2lnyAsg67yJUa3tsH1qXvI54foxcA6Tq2FzxrOJkC1VgWqpjj5BTxRQncO2WvlNkgqcxGAwn0nA5mnAX5QcVM9MQohTd_-RYpNLNvPAlUhvC5nG6I4S5FjsfX5-AaX3KAJuikLakjoO-5T2rPNgngroUQZfB6FYxLLMCJ_9uWMnHB5ZF6wVDBUjC6Rdrkp7jm2m4hiCraV1m7dXD6ZZsq9GO2naslYViQtxbuWSkmi9XW5NcqpzUf3ZMaI0djlKYuil2W472pJtjVxUUBJmMGk88HcfQaFf0vot9d3ZyNB1xn7H6oA-L-ZSkX2ypq5xX_3g7UKOjLpg0sC3laO2QbGkN_42Z3w7gsf8T-WsrZmGXph99P9kOg4raHzPcGyvuMbFvt-INcxED22VL-v70r6wKGEcYczI4atVtOlxW2DNnsNDDXzuIg-4FCXd354siI4FNLBVkm8ya4Lb5pltoD8dUD01-tsk8X2WGZGl8CASSr0_dFvMuLKWUb-wUNISZCCPnyabDWJ2dPzjVRUiIegbzU6wi74qsGUAkUMWR2skPITU39oQd77nQeQxy6u6dpPuu8rSsQxqLjzz-fS5_bCncXf71ZK1ygaFggAEhLkaD_p0fWL9JLkDSeBTjYAGjFgAQ&ias_advId=9UiB3qDh&ias_campId=v1__amncamid__%ebuy!__51978127&ias_pubId=pub-6330791094260149&ias_chanId=v1__eHzN2tHl__1__${APPNEXUS_AUCTION_ID}__${TRUSTX_AUCTION_ID}__${IX_AID}__${OX_AID}__${PUBMTC_AID}__${RUBI_AID}&ias_placementId=v1__%epid!____20434151&adsafe_par&ias_impId=ABAjH0i2FxW_ewkFcyYIWVnDl6GU&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d722542d-ea6e-1a51-410b-a5cac6f2fcdd,c:sgJ23l,sl:outOfView,em:true,fr:false,thd:1,mn:app13ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:cdd5e102-3750-11ec-92a2-062810ec67f6,v:19.8.256,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 403

https://fw.adsafeprotected.com/rfw/bgd/220584/56772992/xbbe/creative/adj?p=APEucNWBhqcyg1FDBWHWr5fA6b7JszTrweIqTHl-xY8PbEZD47YEwko&d=CnkAoCZ_4PGnhRmsj8nGmm3fMKv_jda6WTHdf5QdPDI6MO5BSsgP_2ZTWvA5y4q4HTAdtKBux1BfXITTtPWtgIycgt7Q6jGXD8Ev-N2p9lKgcPsvbixcuQzJETnBhbXKB7VFQw2HKA_7Mme9iGISNi8qdzTbf_wlWPPJEskSAKAmf-ConDk2hXY_5YoM-h8414C8mzo6VkrvvK3R9ZlBdtqCS0AeuyLV8okkQBh_Ij2lpdLJNDeGH7PsglN_tGhpPTbM_wyWqsvt391w0LJ_3WLsuf6HnFLtNjHRSzREqr4dlKyb1jr3Y9DJeehXCtmCxITjAXHwcvjp0IR8j5iQtXQfo6sG2sr9CPozH6OH5FlSybilsCWYvZK7X4EWmG9cKOzlP8iVrRqBy4bjCsNHlXyNiWTFwpW5B1MOHcY2e2SLwUORrRfrrZD-gX5wmvPZ962oV0yzV2GdLpwJ6BbX9Ct6WhaGsZU5-xmV7IcYbm3iGQOI69HZr06SUnpWvrBQDxg66g_PBuypoE0bsIDZz_WXu6sVH-IOUTxdnH1N8OVZx67Yo47bEXCxQI4fsy7ThXf210LZteFh6nA82eTjP87_k6ZjjQrisSsJfO_KG4D2q8AEn4d28EHJEodPRWKEV8DSS7Wg7DjXh4AOwHd9tWN8Q9HFNnpZq4dIGjDY92KybS4WZwnp9aN723Ldhw8okTO3Db_7VjDrmFJ0Jg5p1-2SD7d0bfFWxkmnRL26JW7RPNdnILgnGoJumKBzzFHUasw3JOVhpkL5K9pc_EltFrCtIUsIPQh23Wx0pI_UaCTlITK_qZ7qm_2gBl6w7C4xYER_6GvZ_U2d1j44tgwSGISljP8fijb9PTk_DFGjXfb4rcEFHwT3zYPsQeCnIF77q7stW7C13YhVWbCx-kb6qeLJzfxCW7z4DSII3cbK_hdAkxVIo5WPE4LU6_EtnRENnUpdB60j-adIoV4YHtHrUvk1k1uS-RW2ybKnpxiHJKpX2zcGqIvepvwYon0JRKy3giXQ2AJOyRjcTbrA1LMwxL7UbXMap_Xu6U39zQ8dRaHbQqJfFieddJC7-dzu7_UL3vtTyOowiLtDQVL-uSQY5JikxgfO1fnl2Hm-JX0_cxMHjMF4NNDbU24b--_YVlEOqOrZHDF_GT_iDARSqgJOZiAHcTPrMmMjHOFLYkBH0fgMgCQMhWkWicBFOpHdk17GC-Mn-Y-A8r4c0bMwytpEIg6TmS8HgzfnEckxdu03jf4NqoSVG0vRWE9jMbkLZ6_b8QkMufmX6fOVgMtgGAK2e3CQiXRcwhDpK2kuak8iUqTsImMky5nqMfcbEo84C0Taw8F3lL_5HqUtiQnqMSyiZamcU7H2oR_dZN4JjuimQ5qtEX4IYyPZSzfhGtOF8Ne5s9oLHMIDj4a5AIN7Yej7RZ3lVyEQVcXSoJPLDccDowh6ztZLq4tSoJYnody1H-3Z4bA47r-9gmUOyKEGs52Ou2PEvJZxg9lLn3AAptljo8cMWzpqOdl3-v8fmPB-VCWGk69_vC3hyBk6ov9gWR0LJYCW1eFhxmkxDIiuLbVoJ9yZY2czez958q9d5HMHSF5O_Ff9D8ChljIzkzf4iwyt4wYd8m2bqUwnZ3rbP-tfGMTCXBvMnsZcDQx54C19VOh3kNA9snNnbMRC2bNmZPjh-k1_ZWuZMlntD9O8gTXOkpJQRQ6z1QfeQxT99R72iFoZ9Pou6B8pwRVsnEaqwivQB-9nHrZ7SytDs_ndrux6wXYF8kv0FRsxSb3s1DFryWc7rotLi9mMCO99UL-CM7RdDvjZpjhW9tg_SRXZQxbEXd_rO1kqO5T8V3E6VGBgT7-AHXJMCMKeB9U3BPvmo4xeqNvN3Xd8htGnckxoQYlCYlnEwntMnvaqul_acrYILqzyFcUmW9YK_quiicEw_fQg3T3IRmbTHJo6gCNHtTUc-FPY6wnhYf57IC3TcrsUAMXkEK8cyQlsHZOjvcmh0g0OIKpQEIrCzKCSsfRrTohHGIR8eU9pohBHZxQDhXFxejJWm5uuD9I5vOvLRgxHgez0kS6Owp1G4HFVf4JxWmC6QljxfHwu1B2R8nx1aG0mb45MQI4bEE6pa2pOopp4V9UHmMSxMwUqwJ2GCy7IQscG0x44GfQIoPHHqrfXK7TZMo2Yu_OSli1_bAJeZgk1bSJG3lxxy6mnQoVShM1yKX7xUT7mIv_M8hzMoOmp1tN2He2_a_LlutuouVOSG6d3HngqKaCQ5SeW2BKUctlGyVl7V4UTuN342lCGG0fAsr_K5CsHtSIhB3KbmySfUdemiYdYLtMJjWkYSPcqB1yoIz2GHHezudhkLg5ZlELQvn5v6S13k_K7whpCE_eiYLl28bDr8dO1zKYymwwILn8fWGzhrheqHDzupdXdvASJQEovwEoFmknbeZjhlTGCzJ7E5_RC6sm1kN6044qhzDtjorJaw-nyQ5DNh_IXX9VBRa98TXKRSKsEG-HcUDADzUWzxaperJcavWD1v4M3S4hO1Br_sXsxFtEEIAwKkk_S_G5HTb6iJCEzBpXIJ6EhCUTJQdh0oI3UVT8ov5_ePm80pRfV9VX34VdHrD1sJMILv0O1jX4hvl6IyGF3G352j3abiCkXatnmAVlXOr-Mg0FfLjTsyO-iCJy-N9UqZpRTLVC82mWB_1VMmsqVX8vg8Al-uP9n0vFf-ARiHYY6o8RVcm0_BQpACtc4IfcdOZL1hI5_HRAEDGoD8ZPzzHbZS7nX2HVZqFA16Di83XxhFjX6LZfZKJWawdmNwk9R018EzQGK01Kyzihe9si9-sxwyz8iNA7DqrSzDzWOh5OhGb-qzCpfIHzwzg_alQbwi07pldhUmmapXKPiTkM8WlUTFz9m2--d85XeTf-qakJNLm2Iid52hcIp-qRLdN5TiLE940nmhwkEnOjr2Z8FeAN9TpAOMubIHpQo4mTrTnViyUOPqj9Jnurn3UZ2meU2tGuF327HDxmni6eU2iTY9RzcZXuyDi06_2g6zbMuuLyKH59Qv0z_rQJms5PW4SgdfN2-TbTRsiZ9F7-0UznXL9ia1-1nh3OmdLrDqkR_LdsQibZX_wzWL3LnCeFlIGFl3ElADGwwt0-QJ8X6xHpXNb151l6c29c0b3-yoby3aorlvbn6DtHCuzI6cDwajB5OxFlXP_8E93pn3xNwO9fEuLbCEUVzpVOqaTHtOl2RuOwLFxzO2s_LlrDu70Hzf4-hSsI3lUsxXIr6ZVQCFCWfGve2Kz_iQBk7rj1Qysi2l4oTsbTfI32-A121hgz8cQHvR2a9GXOog3mAq2j0uQrbuBoWCAASEuRogpEbwN1j2RAGusUFJwW1n2AB&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9deb46d7-d6c0-ce6d-b9a4-48d025ec3891,c:sgJ249,sl:outOfView,em:true,fr:false,thd:1,mn:app10ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:sN47OCG+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:cdd655c7-3750-11ec-b761-0634eb268b40,v:19.8.256,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 418

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjQC8F54ZC_l626uxLXaVo&google_cver=1&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXEAFI301Kk2S-ieMVPN8lA HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjQC8F54ZC_l626uxLXaVo&google_cver=1&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXEAFI301Kk2S-ieMVPN8lA&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXEAFI301Kk2S-ieMVPN8lA&google_hm=

Request Chain 419

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMV9GlaT4_hJRrK-2i8j_pg&google_cver=1&google_push=AYg5qPJk826gYveR8HUPFgWF7ypdQzc7DudxZY0B9TyqZhFIaDNaWsDP0dAHQLPHTTbousa5GZOoANkD8xgIc2WtRObPMqk3BOvl7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MNB19m9eSo1R5seiv--X0tiDcuU&google_push=AYg5qPJk826gYveR8HUPFgWF7ypdQzc7DudxZY0B9TyqZhFIaDNaWsDP0dAHQLPHTTbousa5GZOoANkD8xgIc2WtRObPMqk3BOvl7Q

Request Chain 420

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED3s2a3w4PNkoY9li4PyCmw&google_cver=1&google_push=AYg5qPJgMX8kwGqyAWn_Ar0wWN6rBY0iKON58DGjlT0bzLJcmtE7qUpOEoSkuM9BOS-_bW-qh_OzrhQbf-o_vuaTRf5EKMTasto1zQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5VFoxS08tVS1GRktJ&google_push=AYg5qPJgMX8kwGqyAWn_Ar0wWN6rBY0iKON58DGjlT0bzLJcmtE7qUpOEoSkuM9BOS-_bW-qh_OzrhQbf-o_vuaTRf5EKMTasto1zQ

Request Chain 422

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEESj4yOWI7Zq7ai3P-VBjYs&google_cver=1&google_push=AYg5qPJDxzSyghDLBSh5JOLw7oHRXamGmeUo0WR8_17MF1jIbZKxqvFaQrzFgYVFXd_gViEM3LPoQxYPU4OJDMM1t6vE0pEOlTEX2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJDxzSyghDLBSh5JOLw7oHRXamGmeUo0WR8_17MF1jIbZKxqvFaQrzFgYVFXd_gViEM3LPoQxYPU4OJDMM1t6vE0pEOlTEX2w

Request Chain 424

https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESEAaq65_n8lQgufSsuJ2FdsA&google_cver=1&google_push=AYg5qPL4EkvBClASQU-MKmsCxzMUemLRlfi7NrLu7Hvq118N-ZdkD38Os-2J4k1lcmkM5BwobIcECaORGIh8aE10ycQUEWbiMv4klDg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=NzFkNjgxNTctMDE0OS00MzUwLThjNzItYjg0ODA2Y2E4N2Nk&google_push=AYg5qPL4EkvBClASQU-MKmsCxzMUemLRlfi7NrLu7Hvq118N-ZdkD38Os-2J4k1lcmkM5BwobIcECaORGIh8aE10ycQUEWbiMv4klDg

Request Chain 426

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELclfYnyk9IN61R0gHGaKsA&google_cver=1&google_push=AYg5qPIzRo7DdmrZPSsEh4fo3NZb-b4yXj9FAV-8GAIOjsyT76kbvWzRguwawN92i-QQ9_tUAKaRWNvdq8yUAr3YZw8mEszDbxFsOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIzRo7DdmrZPSsEh4fo3NZb-b4yXj9FAV-8GAIOjsyT76kbvWzRguwawN92i-QQ9_tUAKaRWNvdq8yUAr3YZw8mEszDbxFsOA

Request Chain 427

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFBe1QZ1n3S87et8lF_V_tk&google_cver=1&google_push=AYg5qPLEkj0ZBLQzOtNmqFc25qblJ2fZmAYt0x3EFQslNgrlEeU8OyQVXX7BRfgnLi4pA_EkmBxtJhfM-J-kzSBYjpcPCV7o2DMNSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLEkj0ZBLQzOtNmqFc25qblJ2fZmAYt0x3EFQslNgrlEeU8OyQVXX7BRfgnLi4pA_EkmBxtJhfM-J-kzSBYjpcPCV7o2DMNSw

Request Chain 429

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGuyQxXSSDg_Eo8FMjhARSQ&google_cver=1&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRuoU4Ex62L HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGuyQxXSSDg_Eo8FMjhARSQ&google_cver=1&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRuoU4Ex62L HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077719552134910&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRuoU4Ex62L&google_hm=ZZ6du6JhSYm5Py-RUGtuuw==

Request Chain 430

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEBlEahkbMB1XVVua2j3FddU&google_cver=1&google_push=AYg5qPJCR8UGxnLpzMYIFOuy_x8lNX7D0orYrKb4GDhf_VTVGjWzqqwdOOtv5QSO5F4zJJONu8q4WAf6KGkD5l5WEQYsPIHLsK9I4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJCR8UGxnLpzMYIFOuy_x8lNX7D0orYrKb4GDhf_VTVGjWzqqwdOOtv5QSO5F4zJJONu8q4WAf6KGkD5l5WEQYsPIHLsK9I4Q&google_hm=QVBoQUVrZlh1NF8zeDR5N3RGVlJSY3c=

Request Chain 432

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM&apid=UPce54fc4d-3750-11ec-bad7-02f59b816c62 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM&apid=UPce54fc4d-3750-11ec-bad7-02f59b816c62&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBjZTU0ZmM0ZC0zNzUwLTExZWMtYmFkNy0wMmY1OWI4MTZjNjI%3D&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM

Request Chain 462

https://gcdn.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/id,itag,source,ctier,ip,ipbits,expire/signature/8DE0CC82C5F98103E1C47062D89CEAE745CB7525.AB7085A340ED63B3653866345046986AD4C0A7F6/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/832428A60017D32F18C61B663BC6453510ADEC1C.0B834FA67CC1DB177A33EB42A35E93D2CE5F1A41/key/cms1/cms_redirect/yes/mh/t8/mip/216.131.114.229/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1635357639/mv/m/mvi/5/pl/24/file/file.mp4

Request Chain 474

https://pixel.adsafeprotected.com/rfw/st/842139/58054202/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fimasdk.googleapis.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fjs%2Floader20.html%3Fhttps%3A%2F%2Fstatic.adsafeprotected.com%2Fias%2Fv1%2Fvpaid.2021.10.04-08.57-25eef18.js&adsafe_type=d&adsafe_jsinfo=,id:861b6638-4c0a-560d-211c-22f517701089,c:sgJ2mh,sl:na,em:true,fr:false,thd:1,mn:app03ie,pt:2-5-15,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:4,fm:sN47OUQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:18,oid:ce9698ce-3750-11ec-842a-0a6fa201f3de,v:19.8.256,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:0,abct:108,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332

Request Chain 483

https://pixel.adsafeprotected.com/rfw/st/842139/58054203/skeleton.gif?xmtp=v&xmapp=0&xsId=120e42ed-ae06-47aa-a528-592f58f40332&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&sdkv=h.3.486.2&adurl=&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=120e42ed-ae06-47aa-a528-592f58f40332&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&sdkv=h.3.486.2&adurl=&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0

497 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.gazetadopovo.com.br.admin-us.cas.ms/ 1 KB
839 B 3428ms
39ms Document
text/html 51.137.137.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.admin-us.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

49457d7c0afbc341fa4d39738cf082414995de9c5baeee95e60face849870180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Wed, 27 Oct 2021 18:07:46 GMT
x-mcas-request-id: 8e957fc60119f15828befb72c2aae00d
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.7.19/js/ 5 KB
5 KB 33ms
7ms Script
application/javascript 23.55.110.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.164 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-164.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br.admin-us.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Oct 2021 18:07:46 GMT
last-modified: Fri, 15 Oct 2021 19:37:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PLOXavfa2pddds7xHBr81w==
etag: 0x8D990133FF7986E
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4620e0d6-f01e-00a1-4126-c29a4f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30522801
x-ms-version: 2009-09-19
content-length: 5084

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.7.19/html/ Frame 9522 281 B
729 B 16ms
13ms Document
text/html 23.55.110.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.164 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-164.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br.admin-us.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Fri, 15 Oct 2021 19:37:38 GMT
etag: 0x8D990133F2F41AD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b92320e9-a01e-0018-0a26-c27941000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30522884
date: Wed, 27 Oct 2021 18:07:46 GMT

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.7.19/js/ Frame 9522 36 KB
36 KB 7ms
7ms Script
application/javascript 23.55.110.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.164 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-164.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 27 Oct 2021 18:07:46 GMT
last-modified: Fri, 15 Oct 2021 19:37:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: d0ja3c44qO7D3vm2nqObfQ==
etag: 0x8D990133F6F63AD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b92321e8-a01e-0018-6326-c27941000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30522843
x-ms-version: 2009-09-19
content-length: 36521

GET
H2 200 Primary Request / Show response
www.gazetadopovo.com.br/ 445 KB
68 KB 37ms
11ms Document
text/html 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a801a5b5d2982f418de6aba8e877b30b0d879f844477225ceab0f3ef1fb3b457

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br.admin-us.cas.ms/

Response headers

content-type: text/html
date: Wed, 27 Oct 2021 18:02:00 GMT
last-modified: Wed, 27 Oct 2021 18:00:39 GMT
etag: W/"c070ecb6f78f7e4eb3782bfe7bd926d5"
cache-control: max-age=600
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: mNPOnZoh29QdBzoDMvFDPXAsA40zUyp6l1roAKru5OI-Ds6L3I9jPg==
age: 347

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 72ms
28ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3056
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a4dddaeedac4137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 30 Oct 2021 18:07:47 GMT

GET
H2 200 GazetaDoPovoSDK.js Show response
www.gazetadopovo.com.br/assets/legacy/ 145 KB
37 KB 11ms
9ms Script
application/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/GazetaDoPovoSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 19:10:34 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 18:34:32 GMT
server: AmazonS3
age: 11919432
etag: W/"93db618a4f3bd0163e68ad039dcbd60c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: eYePXBibg-tbCgm1Lmimi-V6zhZeuB7oLSUX7YAwdLXtD3tdo4g7ww==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
2 KB 45ms
17ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

b22431c77bcb1bfbf4d4a8efd58e7763f982f548dd02eea1ae2a58e8386bb0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 18:07:47 GMT
server: ESF
date: Wed, 27 Oct 2021 18:07:47 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 27 Oct 2021 18:07:47 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
3 KB 109ms
51ms Stylesheet
text/css 104.26.10.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Oct 2021 13:21:46 GMT
server: cloudflare
age: 2177161
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjjf9JZZ8ovR1Gos1YIzDiidmWO2quqTzPnP2LY%2BNJaeD%2FqfH6yeREWKAqHfk2YHsfbdPa%2FSIfjnJmrzcHBTMxxFzxIVC9RgpZ7ecX2To7IUSW2ZdX686Sjrwd5NmHukxH3Y0zjptY9p"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a4dddaefadf413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app-e3b8751ae34bd554558c.css
www.gazetadopovo.com.br/assets/ 731 KB
50 KB 10ms
8ms Stylesheet
text/css 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84e6390158f84c260ce7a6c38c3ca41aaf4996b379ed5b586bd36814854e7e3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 19:35:00 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 19:25:42 GMT
server: AmazonS3
age: 1204367
etag: W/"5f893456a892e29b718b05d77af822e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: text/css
x-amz-cf-id: DS8rH9Rj7rtjBm9Z44aoI1dhbakqUThu8uSl2i2XYb3WF_LOH4-fQA==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 37ms
9ms Script
application/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.gazetadopovo.com.br/
Origin: https://www.gazetadopovo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1635358067.dop149.fr8.t,1635358067.cds230.fr8.hn,1635358067.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 ico-noticias.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 402 B
758 B 36ms
28ms Image
image/svg+xml 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-noticias.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 14:25:52 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
last-modified: Wed, 13 Oct 2021 19:26:09 GMT
server: AmazonS3
age: 963716
etag: "0047e5eff1c16451783c127e71d7c4dc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: image/svg+xml
content-length: 402
x-amz-cf-id: ru5ymS4NJ_iKVBawqyIUbQcBDFWk2vmE6rR08G19W4mvkTVtZxG_ng==

GET
H2 200 ico-opiniao.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 742 B
1 KB 36ms
28ms Image
image/svg+xml 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-opiniao.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 09:04:01 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
last-modified: Thu, 15 Apr 2021 22:56:27 GMT
server: AmazonS3
age: 16621427
etag: "81ceaad7f3bf5e4912e4a7e9fea1d1a8"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: image/svg+xml
content-length: 742
x-amz-cf-id: TZBb1dVE3gNWwyqr-v297G17pXuXMLPETYTFKDNdiWBRZaP7-tJm0Q==

GET
H2 200 ico-descubra.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 553 B
911 B 35ms
26ms Image
image/svg+xml 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-descubra.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:16 GMT
server: AmazonS3
age: 22600223
etag: "f54a53358f4eb688ab2e8b30a5f16f6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: image/svg+xml
content-length: 553
x-amz-cf-id: zWW29txL-M6HOpT_MvW4CB5qIJ9dIhd16Z090-QVfSshsXH1ooUZzw==

GET
H2 200 ico-minha-gazeta.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 381 B
738 B 36ms
27ms Image
image/svg+xml 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-minha-gazeta.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 02:49:07 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 22951120
etag: "e7caef4cd9fc8923d63157348bf8b219"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: image/svg+xml
content-length: 381
x-amz-cf-id: 2hLXErrDbbN-K18JTqlKSaf_MEn8AoDeI3tbYJsC3uKuohyWCfGe8w==

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets/images/svg/ 123 B
471 B 34ms
25ms Image
image/svg+xml 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 30 May 2021 12:59:28 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
last-modified: Fri, 28 May 2021 13:34:58 GMT
server: AmazonS3
age: 12978500
etag: "852c057958949c7560916cdd5f0121ab"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: i9oirdNQqUxBp2vmiBduLurNpIy76n9SPfpsVEabweVNjyxvUL3kDw==

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 116 KB
27 KB 48ms
8ms Script
application/x-javascript 23.79.131.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.70 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-70.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 12:43:03 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27751
Expires: Wed, 27 Oct 2021 19:07:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 49ms
6ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 433
date: Wed, 27 Oct 2021 18:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19747
expires: Wed, 27 Oct 2021 20:00:34 GMT

GET
H2 200 alexandre-garcia.jpg
media.gazetadopovo.com.br/2019/05/23144603/ 10 KB
10 KB 78ms
17ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/05/23144603/alexandre-garcia.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b48cd5eb38e1f0cdb006c24936622127a941296716987a568c2c400b7c4305fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:36:27 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 17:46:07 GMT
server: AmazonS3
age: 23473881
etag: "3e823898276211d06ab9709bdcc61589"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 10107
x-amz-cf-id: bXyrXNgPfdFTTzSgpd4JeLTiW2peNb-kvK4Y262wIGKdX9D6zRb7-g==
expires: Fri, 22 May 2020 17:46:03 GMT

GET
H2 200 macalossi_nova_editado.jpg
media.gazetadopovo.com.br/2020/04/06105856/ 7 KB
7 KB 80ms
19ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/04/06105856/macalossi_nova_editado.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26eb930de18aaa2b194c59094ae4b549635f240e28fa3d2cda81458a46bc84f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:07:50 GMT
content-encoding: gzip
last-modified: Mon, 06 Apr 2020 13:58:59 GMT
server: AmazonS3
age: 5461198
etag: "90df26f61ac5f755c98b5b9b1027682f"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 7171
x-amz-cf-id: uJIbzKUIxf1FyXhO4rWxTqjPumKUgHB2DxfXdDLeeS2IDQlgDGqayQ==
expires: Tue, 06 Apr 2021 13:58:56 GMT

GET
H2 200 carlos3.jpg
media.gazetadopovo.com.br/2021/04/05215839/ 10 KB
11 KB 80ms
19ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/05215839/carlos3.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b9f14aad2e54ad79df17ebbdefefd5b255e048b1d9fa08132c496ef0e1d7128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 19:10:55 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 06 Apr 2021 00:58:40 GMT
server: AmazonS3
age: 11055413
etag: "8a2226d8b0625081a0aafb0b3b3cf5fe"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 10620
x-amz-cf-id: RR7HvAJF-cseQsvPt61RqvjaKi7I5M5a8lqy3Ag7eYtcFu6w8UWZyg==
expires: Wed, 06 Apr 2022 00:58:39 GMT

GET
H2 200 Roger-Pereira.jpg
media.gazetadopovo.com.br/2020/10/15185728/ 8 KB
9 KB 81ms
23ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/10/15185728/Roger-Pereira.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35dcfaf3dd7c34640d28bd57038a4acf771e8e11a3d52a758a126d5e875c3e74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 20:56:03 GMT
content-encoding: gzip
last-modified: Thu, 15 Oct 2020 21:57:30 GMT
server: AmazonS3
age: 11740305
etag: "a13a3daf0723007dee897f9f22bcb8f1"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8333
x-amz-cf-id: yX2SgI2TygoxMdqIcVdNk9EdAe0VAxFozGGw_VWKz96AkGn9Yqj9lQ==
expires: Fri, 15 Oct 2021 21:57:28 GMT

GET
H2 200 infog-remote.js Show response
multimidia.gazetadopovo.com.br/recursos/js/ 10 KB
10 KB 38ms
7ms Script
application/javascript 18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://multimidia.gazetadopovo.com.br/recursos/js/infog-remote.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.5.21 /
Resource Hash: 9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:38:34 GMT
via: 1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified: Fri, 09 Nov 2018 13:38:20 GMT
server: Apache/2.4.6 (CentOS) PHP/5.5.21
age: 52153
etag: "277a-57a3b76e9180e"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 10106
x-amz-cf-id: 5HCIGMrUwDmPe9XyvQIVl31e5b5qWTiO5sgGYLV30EPfVFCAXAo9cA==
expires: Wed, 27 Oct 2021 03:43:34 GMT

GET
H2 200 augusto-mafuz-fundo-branco-300x300.png
media.gazetadopovo.com.br/2021/10/ 100 KB
101 KB 82ms
24ms Image
binary/octet-stream 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/augusto-mafuz-fundo-branco-300x300.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a2b8f34839f743b053a8fdc69b9dd44d5a6f7e8a3c271d05fa88b8110ff2180

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:43:02 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Fri, 01 Oct 2021 17:32:44 GMT
server: AmazonS3
age: 2247886
etag: "a3f3a4de6526998423e73b8321d0a6e7"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 102533
x-amz-cf-id: BDTSAwIu2JUR9VymitNA1UXrT6bjSFyx_VVmUb_TqFvafMZoXVUv_g==

GET
H2 200 andre-barcinski-300x300.jpg
media.gazetadopovo.com.br/2021/10/ 53 KB
53 KB 90ms
33ms Image
binary/octet-stream 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/andre-barcinski-300x300.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df92e1a597e336a159cce9cb8caebbbf5d1e8601a6645fb91e688edfaa556ac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:58:57 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 15:46:29 GMT
server: AmazonS3
age: 1822131
etag: "b1a7ab7a1398a42aa2c5e93b691a72f1"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 53991
x-amz-cf-id: E3tzApu1amSd0fDXXUwAoDj5kb8siHHmdzDa9FYRiLTqmgZcSMWp1w==

GET
H2 200 bruna-frascolla.jpg
media.gazetadopovo.com.br/2020/07/09173751/ 8 KB
8 KB 27ms
27ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/07/09173751/bruna-frascolla.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 947e3dec03b8a6a3d77e890d173bc946ee51b395db9ab32d971da1996305a409

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:25:10 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:37:54 GMT
server: AmazonS3
age: 22956157
etag: "ebb57691647a551f2047dd0b2d1e0a0b"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8259
x-amz-cf-id: ajAl3NvBuerPaPaJ-iNX8NL8QiMztMp49S_INGfvq0W-4hp-SHdDNQ==
expires: Fri, 09 Jul 2021 20:37:51 GMT

GET
H2 200 owl.carousel.min.js Show response
www.gazetadopovo.com.br/assets/legacy/ 43 KB
12 KB 10ms
10ms Script
application/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/owl.carousel.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 23 May 2021 12:27:22 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:10:18 GMT
server: AmazonS3
age: 13585226
etag: W/"5274afb2522b0f6f1b6a019949c3c104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: -zJWgrU0cObroMvzRb1DatZeXoF5NJsedZ63w9YScqE2SIuKGU305g==

GET
H2 200 vendor-19408c4dce627c3e9217.js Show response
www.gazetadopovo.com.br/assets/ 290 KB
95 KB 26ms
18ms Script
application/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 329c2fa750c12d8e9908ae6e3dbb3fcd606ca9568b7a89a1b700aa691f7ca78c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:15:27 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:50:48 GMT
server: AmazonS3
age: 3141
etag: W/"f85542908d191f9e6dd182ed98539779"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: earS3ioUZxI6XpnL3UFTTike9OUO0x2IQpXKLZNSdWOgfphj5jZ-yA==

GET
H2 200 gazetadopovo-app-74281fb7256d3e87d42d.js Show response
www.gazetadopovo.com.br/assets/ 414 KB
71 KB 33ms
24ms Script
application/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-74281fb7256d3e87d42d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87967a62442fcfd180e5f36ef63322cb59ff7231b44dbbb2f8120b70fc62a315

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:15:28 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:50:02 GMT
server: AmazonS3
age: 3140
etag: W/"1c07c71b67d2b81e09e86a07dd950fda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 2gHp802-OhU3f7QL_YElI05_CcQhkk7Was8OSd2xIl71cx-F6yBrsw==

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 35ms
26ms Script
text/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 23:24:44 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 5596984
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: 9dzuGM1NG5jdqcKx61-ZRJUUego7TcaSbX5afd63pw-SGOw6Fh2A4Q==

GET
H/1.1 200
OK JSPianoSDK-0.4.4.js Show response
gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/ 323 KB
323 KB 453ms
134ms Script
application/json 52.216.85.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.85.214 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:48 GMT
Last-Modified: Fri, 05 Mar 2021 13:15:08 GMT
Server: AmazonS3
x-amz-request-id: 9EA6ZFPE7J43XDYV
ETag: "cc0b84a81c8868bf472ad514d8695844"
Content-Type: application/json
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 330317
x-amz-id-2: ChuCtzGlkQ3eTYmPXrEgWJf/kViFYJ7S8+TdHBtpGJefYP/PXqvPT+MmaHCuD1yUdDN3gzDdYKM=

GET
H2 200 e6Ya311101.js Show response
cdn.privacytools.com.br/public_api/banner/script/ 110 KB
21 KB 40ms
29ms Script
text/plain 104.26.10.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/script/e6Ya311101.js?p=bottom&t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e74fee73ebaf20ce765bbb0c2128a0e601000c656a610deaa56d9dbc0c418

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Oct 2021 13:21:47 GMT
server: cloudflare
age: 2177160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KcqB7IPi3rIE3VaeAIH7no9sHqM%2BJxYC%2FJRn4gE%2FnuJLTBRhGs%2BHYxGCelINKNahoOfwL7XS2P9ZhiE5LYQ23AtKBoqtTz9DnCpVGOzoVjAkROQxxhPQQnhajn2wo%2BnFzujj3H5V5yC"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a4dddaf7ba5413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 260ms
256ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1251
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a4dddb0da264137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 30 Oct 2021 18:07:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
71 KB 326ms
34ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

5a9f9200d83c2f4afd7e36da8101fa371fe4c68f48454b7dacc4142a1cb06510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 72551
x-xss-protection: 0
expires: Wed, 27 Oct 2021 18:07:47 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 13 KB
5 KB 91ms
33ms Script
application/javascript 104.16.11.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.11.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c3ce70e61d9a67ba701f05ab26feb479d3c0c90ec09f2869d6e7010c4eac6b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Oct 2021 19:13:24 GMT
server: cloudflare
age: 3096
etag: W/"616dc754-330b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a4dddb028684137-PRG
content-type: application/javascript
expires: Wed, 27 Oct 2021 18:16:10 GMT

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 41ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 23:42:41 GMT
x-content-type-options: nosniff
age: 584706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 23:42:41 GMT

GET
H2 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 49ms
16ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 19:34:04 GMT
x-content-type-options: nosniff
age: 513223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 19:34:04 GMT

GET
H2 200 logo-gazeta-fallback.svg
assets.gazetadopovo.com.br/images/svg/ 2 KB
1 KB 64ms
7ms Image
image/svg+xml 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/logo-gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 19:11:32 GMT
server: AmazonS3
age: 22676615
etag: W/"d792eee1076dd5de89b09831c82d0436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
content-type: image/svg+xml
x-amz-cf-id: OcPJwTb_eERrXNplhlTskPzNp7VoSoD_ru9nPUoksiPDmuCVobvjcg==

GET
H2 200 loader-salvar.svg
assets.gazetadopovo.com.br/images/svg/ 858 B
1 KB 43ms
7ms Image
image/svg+xml 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/loader-salvar.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf0651e068bb71f4b732881a5fd066173b798ee195561261004532b83a3267e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 17:48:14 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 17:27:51 GMT
server: AmazonS3
age: 1642774
etag: "b2aa84c08caa2a626fa8bdf44c063290"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/svg+xml
content-length: 858
x-amz-cf-id: j8GZugHPvVZcbNlSsPrg9Rx4p5Sa4YuqbOVh06JO-RVysHWIgsYe6w==

GET
H2 200 ico-related-items.svg
assets.gazetadopovo.com.br/images/svg/ 156 B
530 B 43ms
7ms Image
image/svg+xml 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-related-items.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 19:10:36 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Mon, 31 May 2021 23:38:15 GMT
server: AmazonS3
age: 11919432
etag: "a1e034e511ddfddbd71c0ee10f8240f0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/svg+xml
content-length: 156
x-amz-cf-id: _-AMaUXkq0v3hb6jtxHAkyZTxBpQ_DOekz6Z4uktX1yGbgRFGvaRfg==

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
19 KB 28ms
27ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 23:43:17 GMT
x-content-type-options: nosniff
age: 584670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19696
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 23:43:17 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 36ms
35ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 16:07:23 GMT
x-content-type-options: nosniff
age: 525624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 16:07:23 GMT

GET
H/1.1 200
OK 5294.json Show response
s3.amazonaws.com/gp-infoservices/infocoder/ 27 KB
28 KB 417ms
121ms Script
application/json 52.216.93.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/gp-infoservices/infocoder/5294.json?_=1635358067091
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.93.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 651b24999e5a9eb1a062177ffb67df2ad8c84d2aa1339405b24fe57770a74b0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:48 GMT
Last-Modified: Sat, 11 Sep 2021 13:20:29 GMT
Server: AmazonS3
x-amz-request-id: 9EA7ZCMNRC0T4D55
ETag: "58cb4a83e5dbfc5a82e314bed335ba1d"
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 27863
x-amz-id-2: Ow4fTi0pPS8PEmzrmG8TWv0a/G2cYHBU7oMhnscqEOZyHBKsGPerl+lwSrmzPvqyzushJHcPlvU=

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 154 KB
47 KB 49ms
8ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

5e8a443bbd226547d0d3a31a8044a24cf433d2aad5f5db0dc64d7c1f89ea172f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47026
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 19:58:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Wed, 27 Oct 2021 18:55:47 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 88ms
46ms Script
application/javascript 104.17.183.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.183.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216a380fbf08ff5e84de976fb1e126e73587adc46c54eac50083a914cabda3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 736
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cjsdn1rfKri
wn: prod-exp-10-0-130-6
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6a4dddb14e47412c-PRG
expires: Wed, 27 Oct 2021 18:37:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
14ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=62327033&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1895556859&gjid=1182023786&cid=2019788381.1635358067&tid=UA-23088598-1&_gid=129509643.1635358067&_r=1&_slc=1&z=1796976729

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 38609 Show response
tag.navdmp.com/u/ 1 KB
902 B 165ms
161ms Script
application/javascript 104.16.11.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/38609
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.11.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0612d71c1b861fd864c9ab87f88fe948ed0c55fccc79f27f09c0582645f0d844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:44:58 GMT
server: cloudflare
etag: W/"6137b32a-5ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a4dddb18b9b4137-PRG
content-type: application/javascript
expires: Wed, 27 Oct 2021 19:07:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
417 B 46ms
13ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-23088598-1&cid=2019788381.1635358067&jid=1895556859&gjid=1182023786&_gid=129509643.1635358067&_u=IEBAAEAAAAAAAC~&z=1218801404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 18:07:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 56ms
20ms Stylesheet
text/css 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

58a037df6363b1c9619199cf7fdfad3a84469cd508cfa83320e2bedf64aadc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6433
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 18:26:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Wed, 27 Oct 2021 18:16:38 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame F4C6 23 KB
7 KB 100ms
76ms Document
text/html 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=454266

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

e28bb527b04559454f041033f6f1ebd32bb95471f0223c4843b81aa0bff675cc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-s1u+yMO3R/BHATyDjuUGuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-s1u+yMO3R/BHATyDjuUGuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 27 Oct 2021 18:07:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-s1u+yMO3R/BHATyDjuUGuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-s1u+yMO3R/BHATyDjuUGuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 44ms
22ms Other
image/svg+xml 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Wed, 27 Oct 2021 18:25:09 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
58 B 108ms
93ms Fetch
application/json 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 412 KB
135 KB 50ms
47ms Script
application/javascript 104.17.183.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.183.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc3720d9c0c8c7f139872371154108a193a6e40c535b8e58c36b40b9f95638a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6583
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-124-41
last-modified: Wed, 27 Oct 2021 10:43:46 GMT
server: cloudflare
etag: W/"421884-1635331426000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6a4dddb1cf2e412c-PRG
expires: Wed, 27 Oct 2021 20:07:47 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 76ms
36ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23088598-1&cid=2019788381.1635358067&jid=1895556859&_u=IEBAAEAAAAAAAC~&z=1882283005

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 11ms
11ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 27 Oct 2021 18:55:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 69ms
26ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14435
x-xss-protection: 0
server: cafe
etag: 3499052782129861849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 18:07:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: Q5GJ1CYwvvZqJNdwPuQQZUhFkJCWJolqw771HlpdfaRM2kSjg6JvmsKq+KdcLA36ymP0xdZf24N5hQ+8GgV2HA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 27 Oct 2021 18:07:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 30ms
13ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 02:34:06 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 56301
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: WCN7oN6L79Rxn8GPGOOOtXwTkt3XWXVJJuf97Y9d4za-10FVpYjUKw==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 36ms
9ms Script
application/x-javascript 2.16.186.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.19 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75399
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
403 B 35ms
8ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 10:36:28 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 14:23:06 GMT
server: AmazonS3
age: 977480
etag: "8e742d11d6b24c401e35f3b516726584"
x-cache: Hit from cloudfront
x-amz-version-id: HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-type: application/javascript
content-length: 13
x-amz-cf-id: WhZfRlL23Wuf3OvZ1-0c4rMpYQamjvcoo7SSwP5lab5YVSMJTRBaAg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 29ms
11ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-ST
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100038-IAD, cache-hhn11551-HHN

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 48ms
23ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-23088598-1&cid=2019788381.1635358067&jid=870360143&gjid=433590242&_gid=129509643.1635358067&_u=aGDAgEALAAAAAG~&z=1984818104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 18:07:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66531
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 / Show response
www.gazetadopovo.com.br/ 0
354 B 414ms
414ms XHR
text/html 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?&_=1635358067285
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 18:00:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"c070ecb6f78f7e4eb3782bfe7bd926d5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=600
content-type: text/html
x-amz-cf-id: nJNUC-QuJOjYQaKNfK005pshW6lGl9LbwIaI9T_LH_yUOLowLjMArw==

GET
H3 200 343122172743779 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 348ms
339ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343122172743779?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

eac5d9b2e9a2d31dacee6670f25750bb87dbcd94a893f866a13984dce8e161c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: L5ZbPYqJqs5n/CO/SEk92wB5YX2lGMm4KKOyjNV0g6tYvlv0OHrN7NadqDfljnyUe7WwMns0iRk0esFkNiSH4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Oct 2021 18:07:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1635358067573&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1635358067573&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=htt...

64 B
330 B

9ms
9ms

Image
image/gif

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1635358067573&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Server: 13.32.121.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: EmHwHoMEIGsqE9TfwYgj_MciKKlLYUxBi7ncZs8Q9faUIGEEe5Cnyw==

Redirect headers

date: Wed, 27 Oct 2021 18:07:47 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1635358067573&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F
content-length: 319
x-amz-cf-id: uyo16SeMcGGs6rjPvTfDko2fYqDosOV6zycbCUFQpO4Zu8r5ddRXIg==

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame F4C6 0
24 B 67ms
66ms Other
text/html 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qTa2B8w/P8MSUr4B14RPYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-qTa2B8w/P8MSUr4B14RPYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454266
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-qTa2B8w/P8MSUr4B14RPYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-qTa2B8w/P8MSUr4B14RPYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 5 KB
2 KB 370ms
332ms XHR
application/json 104.16.42.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.42.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0866678e069b907d4246e782432ac16ed0153d2b8b49da888054317bc09583

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: b398ra3iq6
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6a4dddb33d7727bc-PRG

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
403 B 461ms
452ms Script
application/javascript 104.17.183.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.183.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dff6d654b6c8b1042a1dfed3cf2f5ffe166caa6b9bba2a7b3eb990bcc6a90c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: C0den1r6nCX
pragma
wn: prod-dash-10-0-127-206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 6a4dddb319a3412c-PRG
expires: Wed, 27 Oct 2021 18:27:48 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1635358067677&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1635358067677%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1635358067677&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true

0
57 B

405ms
405ms

Image
application/javascript

108.174.11.37
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1635358067677&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Server: 108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-37.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: WgIcsn/1sRZARsYPzSoAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXPWXi+IsRFCtScX8fvPA==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3B398045A01D45109E2E8543FC0031DD Ref B: PRG01EDGE1113 Ref C: 2021-10-27T18:07:48Z
date: Wed, 27 Oct 2021 18:07:48 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1635358067677&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
471 B 130ms
112ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1d5d75ca-8b1d-4f03-94bc-85c962e5f503&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Wed, 27 Oct 2021 18:07:47 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ec7c5c467f07272e94cf578fe46947839e774b5c5a5df21eaa3b1971865a090d
x-transaction: 4e3475d794bfa441
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
41ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23088598-1&cid=2019788381.1635358067&jid=870360143&_u=aGDAgEALAAAAAG~&z=529894368

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame F4C6 21 KB
6 KB 18ms
14ms Stylesheet
text/css 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454266

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

58a037df6363b1c9619199cf7fdfad3a84469cd508cfa83320e2bedf64aadc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6433
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 18:26:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Wed, 27 Oct 2021 18:16:38 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/am=AgAC/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame F4C6 160 KB
57 KB 35ms
7ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/am=AgAC/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qgYsa_r77Trr9nc-E0YoZXHXiDg/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

1efc80ef806cf3cbf55b2821b53edd91ce63af93dca5c8d0468dbb1d6a016a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 57344
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 01:51:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 26 Oct 2022 20:01:19 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 74 B
260 B 184ms
172ms Script
application/javascript 104.16.11.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=38609&u=1&new=1&wst=0&wct=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.11.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914395c816217f5f36fd14147d998df0177959dcfbd0f1feb0ec2145485887c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a4dddb34f834137-PRG
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Wed, 27 Oct 2021 19:07:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/ 2 KB
1 KB 46ms
17ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1635358067706&cv=9&fst=1635358067706&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

10dd7afab6469b9250302c9a8e02f8c4783e1cd2d2244dead450cb1d765b90f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1042
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/ 2 KB
2 KB 44ms
16ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1635358067709&cv=9&fst=1635358067709&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

d79ee48b41adcdf010d27965c43c65fc9607aef7df3f8d0ba770905512d32bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1039
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=62327033&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Placar%20Covid%20no%20Paran%C3%A1%20-%20Componente%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALAAAAAG~&jid=1263430805&gjid=1428946623&cid=2019788381.1635358067&tid=UA-70198534-1&_gid=129509643.1635358067&_r=1&_slc=1&cd1=infocoder&cd2=5294&z=2009919482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4C6 15 KB
15 KB 41ms
26ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454266

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 559552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 06:41:55 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 30ms
29ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-70198534-1&cid=2019788381.1635358067&jid=1263430805&gjid=1428946623&_gid=129509643.1635358067&_u=aGDAAEALAAAAAG~&z=123757106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 18:07:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1acCU-CcCBE.L.B1... Frame F4C6 37 KB
13 KB 35ms
10ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/am=AgAC/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qgYsa_r77Trr9nc-E0YoZXHXiDg/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

8894e5807356002e723c5f848fd12a1d00c6c098ee9434f6e81ce5d6240b67ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13636
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 19:52:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 26 Oct 2022 20:29:43 GMT

GET
H3 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1acCU-CcCBE.L.B1... Frame F4C6 100 KB
34 KB 28ms
9ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1acCU-CcCBE.L.B1.O/am=AgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4PZydufAY6MzgcURlTY4W_tI-WDg/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

76ca5467f8810d8aab93bce3ab2a9135bb3a798546894db94230f01f42c88439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34835
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 19:52:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 26 Oct 2022 20:29:43 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/961891575/ 42 B
64 B 49ms
49ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961891575/?random=1635358067709&cv=9&fst=1635357600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=3373300672&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/854244571/ 42 B
64 B 50ms
50ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854244571/?random=1635358067706&cv=9&fst=1635357600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2243738485&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame F4C6 422 B
274 B 40ms
40ms XHR
application/json 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-7322177012734370726&bl=boq_subscribewithgoogleclientserver_20211025.14_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=65268&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

c1437aa277939c2f0d171877ef8786151fa0ce29ee82d178cc89aa43728212b2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1acCU-CcCBE.L.B1... Frame F4C6 17 KB
7 KB 7ms
7ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.UUTbuSpwPUc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.1acCU-CcCBE.L.B1.O/am=AgAC/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4PZydufAY6MzgcURlTY4W_tI-WDg/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe49f883c0cb52c5eb86b9a0f4cd3a9ebcfb19516ea92454124d6873ea028c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7216
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 19:52:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 26 Oct 2022 20:29:43 GMT

POST
H2 200 log Show response
play.google.com/ Frame F4C6 131 B
491 B 93ms
65ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:47 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
101 B 169ms
160ms Script
application/x-javascript 104.16.11.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=f98971242436f623d795c7a1d09%7C0&acc=38609&tit=Gazeta%2520do%2520Povo%2520%257C%2520%25DAltimas%2520not%25EDcias%2520do%2520Brasil%2520e%2520do%2520Mundo&url=https%253A%2F%2Fwww.gazetadopovo.com.br%2F%253F&upd=1&new=1&ref=https%253A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&h1=undefined
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.11.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a4dddb4ba824137-PRG
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 132ms
102ms Preflight
application/json 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 27 Oct 2021 18:07:48 GMT
x-amzn-requestid: 7b5d9538-91ab-43ad-90fa-1887b5570785
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: H4RKKEJZIAMFQVA=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 11e35514d631a9a9566fd489de935c07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: eHsp_X6Vqh2DljKru2wVYF15O0CBYtoMJKZDlq9878ofKtZKLRvPgg==

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 504 B
871 B 305ms
298ms XHR
application/json 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 39698ce41079657012747cdfe722473832b28ce9fd660c8ebff338a9550bc231

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
via: 1.1 11e35514d631a9a9566fd489de935c07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 541d3e70-8b0a-4243-8e32-2cc00d4affe4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61799574-50c9bee6276360114b9a3ceb;Sampled=1
x-amz-apigw-id: H4RKNFVtoAMFtOg=
content-length: 504
x-amz-cf-id: IocPvfuVHio24Kp4LdYtX6KfzVRzBqQjF7F6mkAi69bqgRGgUrNCVA==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 133ms
115ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1d5d75ca-8b1d-4f03-94bc-85c962e5f503&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 27 Oct 2021 18:07:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e262167dfa92042d911d0b3f29e3549a461e5e3cf556219436b90e350519daf0
x-transaction: d600e2d6db746300
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame F4C6 131 B
152 B 87ms
71ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 60ms
43ms Preflight
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 27 Oct 2021 18:07:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 log Show response
play.google.com/ Frame F4C6 131 B
152 B 88ms
72ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 57ms
42ms Preflight
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 27 Oct 2021 18:07:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 log Show response
play.google.com/ Frame F4C6 131 B
152 B 88ms
71ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 56ms
42ms Preflight
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 27 Oct 2021 18:07:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 46ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&if=false&ts=1635358068031&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.2.1635358068029.1876454375&it=1635358067553&coo=false&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 27 Oct 2021 18:07:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 46ms
8ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&if=false&ts=1635358068034&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.2.1635358068029.1876454375&it=1635358067553&coo=false&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 27 Oct 2021 18:07:48 GMT

GET
H2 200 ico-arrow-left.svg
assets.gazetadopovo.com.br/images/svg/ 127 B
500 B 8ms
7ms Image
image/svg+xml 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-left.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 16:01:26 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Mon, 31 May 2021 23:38:13 GMT
server: AmazonS3
age: 11930783
etag: "6ae51f29a6cffccc223655e32d23de10"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/svg+xml
content-length: 127
x-amz-cf-id: F01GG2ZTHryXi3VQT0_fbhnAnqUA-7V0ooJjTJxafWdzITBmT68kUA==

GET
H2 200 ico-arrow-right.svg
assets.gazetadopovo.com.br/images/svg/ 123 B
498 B 8ms
7ms Image
image/svg+xml 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-right.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 11:47:20 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:52 GMT
server: AmazonS3
age: 18166829
etag: "360b8c417ef8fc3088f833de9723ae18"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: GtRNjikBnM8HzT4OKSCe4EjSX0hdV8kAxzEs8HPD6fFydLrbAUGXwg==

GET
H2 200 tojson Show response
0emsuhyuec.execute-api.us-east-1.amazonaws.com/production/sheets/ 616 B
1014 B 362ms
329ms XHR
application/json 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://0emsuhyuec.execute-api.us-east-1.amazonaws.com/production/sheets/tojson?sheet_id=1Pn1D6-1SwjcjvVnigSTDUrgGfI3-xub00yvRMkRPIpI&tab_id=3
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7865205f95ce64f67024ecf18823f6f82eb2ef4429d734cdc538e6b4b025803

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
via: 1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amzn-requestid: 3f479d0b-2d53-4b3e-9f3b-bcb94b2ac48f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61799574-19a6aa216ea7e59522964f70;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: H4RKNFTxoAMFqtQ=
content-length: 616
x-amz-cf-id: kqmNKz_Wk0hpfMHxOE-ruxngMwf6DRpoYYDrHRQr3E0UjwdWOgp8KQ==

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 149ms
148ms Ping
application/json 104.17.183.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQg8zqRDLWhJLK9KjLlAcZdSfpwRQ8R1d_1GBkmJ6tu5MNN-EC2DCw2YRca0qJoRrHANBBD0Vh_u2QoIU_SeHN-pnpE7dJP1HZk6eDyQylalk8x5q7EXQ6phP4VHPUpBOqg&time_spent=%7B%22active%22%3A0%2C%22total%22%3A0%7D&scroll=%7B%22max_page_height%22%3A9198%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&pageview_id=kv9tywu51vh1acos&visit_id=v-kv9tywu98nfm2la0
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.183.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 execute Show response
c2.piano.io/xbuilder/experience/ 19 KB
4 KB 171ms
154ms XHR
application/json 104.16.42.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.42.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ffb6aba449b2ab9c7dde8da8b4b3d2059a49859ed660474092b0d0a9a9fad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: usdiourt9y
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6a4dddb7c9284120-PRG

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AEE6 0
18 B 16ms
7ms Document
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.gazetadopovo.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 27 Oct 2021 18:07:48 GMT

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 326ms
278ms Preflight
application/json 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 27 Oct 2021 18:07:48 GMT
x-amzn-requestid: 61eefe11-e029-4a57-973a-0afd1bc514b9
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: H4RKSGMXoAMFVsQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: EDclHYs-FwcFuQYTvlnBBEKJz8gWQY1OHyr_MWaywXMKuf3Cl7JNnw==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 322ms
320ms XHR
application/json 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: d64526eb2ee22f3d50584335dcb31ff6d32e112e6d03c6912face950b837d324

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
etag: W/"501-/hviazay1c5Rs0AS0qxSNFsYMTQ"
x-amzn-remapped-content-length: 1281
x-amzn-remapped-date: Wed, 27 Oct 2021 18:07:49 GMT
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: H4RKVGDAIAMFZsw=
content-length: 1281
x-amzn-requestid: eb536364-68fb-43bc-9066-7524f9977eb7
x-amzn-trace-id: Root=1-61799575-348738806432b0054107acf3;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: S3AMWeQ54C_KpgLK6LmcLtl13pk01XkTZsT_l5uQWdZIhpy4n4_Ndg==
x-amzn-remapped-connection: close

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 321ms
319ms XHR
application/json 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 3cd98560917ec38e4548d395b94d72bf62c45e6f9588560687f420cf3b07f446

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
etag: W/"501-KQTpMx6TkO4kHi1Hkiq0LECugEA"
x-amzn-remapped-content-length: 1281
x-amzn-remapped-date: Wed, 27 Oct 2021 18:07:49 GMT
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: H4RKVGYwoAMFVQw=
content-length: 1281
x-amzn-requestid: e105be61-7e92-4566-a3ad-bc26810d96fa
x-amzn-trace-id: Root=1-61799575-26d8b5d57264f4047f294a5b;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: _vIFmqEJ2ow4LuHLjViUmPcbR-oiAxM_RStJ-j-0fpruAPdJdpzhDQ==
x-amzn-remapped-connection: close

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 324ms
277ms Preflight
application/json 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 27 Oct 2021 18:07:48 GMT
x-amzn-requestid: 5c7602c2-1e0f-4096-a87f-66db2ebbed80
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: H4RKSETdoAMF8oQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: G57IHDdnABFYVqFpuEQEK6kMP6kdlVaWY-442lIPHkbrhkBQVpHlPg==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 277ms
277ms Preflight
application/json 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 27 Oct 2021 18:07:49 GMT
x-amzn-requestid: 80b2dfde-9c56-4490-ada9-fceaf8d8ce91
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: H4RKUEHYoAMFpyg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 7E4EV_1XMbUH5RFq_cUj5osPTB1E0-dDn7fXPztoauLV-vKo5ddf6g==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 583ms
583ms XHR
application/json 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 5a23f59f8fdcad14e9755e6ce7e0d102685164c009d4cb1f33209338029884df

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
etag: W/"4c5-agF0kppoosvXxbNrMEewT3XT97E"
x-amzn-remapped-content-length: 1221
x-amzn-remapped-date: Wed, 27 Oct 2021 18:07:49 GMT
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: H4RKXFFRoAMF75Q=
content-length: 1221
x-amzn-requestid: 9f22f2b5-f216-4590-8a76-e3b0562d368a
x-amzn-trace-id: Root=1-61799575-1380db38222373040b3a4173;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: AhIfiIte1aEsFXkrxYWni_mbfQV2FgQiYiG_wIOzX79sslLM6GJ6Dw==
x-amzn-remapped-connection: close

GET
H3 200 e6Ya311101.html Show response
cdn.privacytools.com.br/public_api/banner/pop/ 71 KB
10 KB 52ms
34ms XHR
text/plain 104.26.10.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/pop/e6Ya311101.html?t=1&m=0&c=1,630,463,908,911
Requested by: Host: cdn.privacytools.com.br
URL: https://cdn.privacytools.com.br/public_api/banner/script/e6Ya311101.js?p=bottom&t=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 908063262193df054b54faac0eabbeea2a8a1573b594a26a36c1074baf7ead6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 114649
etag: W/"1621991024492"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLOORaSnDZhX3qBmmvtZ4TbTgfC1VwI3m2hUxdkCcwgjDwqfZzfWkaLUhVA9sOJcC2JpOCpcCvj8HUuYcKS8QgEuWDY1hr6FmNz%2Fow847tBVylW9F1nI5Q7h3eg0f4aYKB8sCkB8f8Lw"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 6a4dddba7e1a4137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 A056DEB1D06DD767EA066BBC2F5A4DB3.png
cdn.privacytools.com.br/assets/de532b09-5832-4c77-b8a2-7353240c17d0/website/ 3 KB
4 KB 32ms
30ms Image
image/png 104.26.10.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.privacytools.com.br/assets/de532b09-5832-4c77-b8a2-7353240c17d0/website/A056DEB1D06DD767EA066BBC2F5A4DB3.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76dbea41dd727043e419933741d4cc80b6f9e916054b52399d16669302257577

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:48 GMT
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 05:25:32 GMT
server: cloudflare
age: 45736
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGNMk7QlCht%2BbQhETG6N4YeaI%2BmPGXdHt0yNrCO%2BMdf9esyTgwd8dBpLq3zKmgTPTMl%2BPI5csRafPsQwICA0UDTPlCo%2Fq2UIftQ4R1jhF7CUbAlwwG3fo9mvYdayQWrmSZEYAS%2BAlOzZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a4dddbaebdd27bc-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3072

OPTIONS
H2 200 /
comments.gazetadopovo.com.br/content/count/comments/ Frame 0
0 348ms
285ms Preflight
application/json 52.222.214.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%22ebdb53e0-3725-11ec-aad3-2d413ce4ef4d%22,%221248df10-3736-11ec-8989-154f7f11e203%22,%22781b9070-374b-11ec-9a7a-a91dd9f03339%22,%2274507eb0-374b-11ec-9a7a-a91dd9f03339%22,%227859f5a0-3722-11ec-aad3-2d413ce4ef4d%22,%224d8f15e0-3735-11ec-8989-154f7f11e203%22,%2225af89f0-36be-11ec-ab3f-5bf82d8d4429%22,%22173caed0-3735-11ec-8989-154f7f11e203%22,%226387d6f0-36b5-11ec-9024-f7b93ae0aceb%22,%22daa714a0-3735-11ec-8989-154f7f11e203%22,%226dece4d0-36a8-11ec-bf85-59e423c3594c%22,%22b33b1cc0-3697-11ec-944b-b9b7d0f35c96%22,%22d2d57d80-372f-11ec-ad3a-9fc321c1e74b%22,%22a26d7800-372a-11ec-90b1-ddbe9f737683%22,%22e575c4c0-36af-11ec-85cd-6160b4589549%22,%2269807710-36b5-11ec-9024-f7b93ae0aceb%22,%223af6e8d0-36a0-11ec-963e-d3dae92759ff%22,%2273f9be50-36aa-11ec-bf85-59e423c3594c%22,%2204acfffc-fa23-465d-a755-eb5f31b14feb%22,%2272572b80-36a2-11ec-963e-d3dae92759ff%22,%2223737ca0-36be-11ec-ab3f-5bf82d8d4429%22,%22bd99e270-3721-11ec-aad3-2d413ce4ef4d%22,%22e92eda50-369d-11ec-a8ba-8f453744807f%22,%22b2cb87b0-36bb-11ec-ab3f-5bf82d8d4429%22,%227a39aac0-3725-11ec-aad3-2d413ce4ef4d%22,%228fe9f550-369e-11ec-a8ba-8f453744807f%22,%22560828b0-371c-11ec-ab52-41fccbe5b23a%22,%22b0a1d670-36a6-11ec-9280-11ae20d4dd0c%22,%2281a21380-36a1-11ec-963e-d3dae92759ff%22,%2260dcc720-35e4-11ec-a1a1-5f408d6eb888%22,%2281f2e500-3514-11ec-b579-75450807036d%22,%22e11a4df0-366f-11ec-a75d-03458fd73320%22,%22caf077c0-3660-11ec-997a-c5f12a7e97e6%22,%2266a5f260-365e-11ec-997a-c5f12a7e97e6%22,%22649beff4-ad02-4667-bbd9-bc08df3782ef%22,%2200a9c390-3697-11ec-944b-b9b7d0f35c96%22,%22aa0bed50-35d4-11ec-a387-bfee51d84ab5%22,%22a8eae8e0-3453-11ec-819e-093316327eda%22,%22b6824270-336b-11ec-a53b-f98eccf150e0%22,%22b2bddcc0-3281-11ec-b893-bfc38ec2d0de%22,%22b197edc0-35cb-11ec-80e9-b3a79f999874%22,%223ab7ddb0-35d4-11ec-a387-bfee51d84ab5%22,%22e8dd7540-31d7-11ec-90a3-a391a2b5e116%22,%2239b10e60-329a-11ec-926a-250caa2d29ce%22]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-129.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 27 Oct 2021 18:07:50 GMT
x-amzn-requestid: 75ba73e5-7142-4207-b085-0c4f58a5a03e
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token
x-amz-apigw-id: H4RKeG3toAMFaMA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront), 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1 FRA56-P3
x-cache: Miss from cloudfront
x-amz-cf-id: xkrk7EnvSpvzpD8t37MZByhiI6GlnT2hGSEUmJMCC_IChAbIMvibxQ==

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 288ms
276ms Preflight
application/json 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 27 Oct 2021 18:07:50 GMT
x-amzn-requestid: 13850050-58f2-4596-834f-41f7314ed865
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: H4RKeFy3IAMFyEw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront), 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1 FRA56-P5
x-cache: Miss from cloudfront
x-amz-cf-id: wbYzTnoILHiuowFBilsAjOc7NGJLERvTc1KHyNx0vEWm8mUgNGfBLw==

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 149ms
108ms Preflight
application/json 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 27 Oct 2021 18:07:49 GMT
x-amzn-requestid: 2b6809d1-5216-45d6-b8ab-78bb1e87ef47
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: H4RKdEgYoAMF-pA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1 FRA56-P2
x-cache: Miss from cloudfront
x-amz-cf-id: dDtfhqJRUvjIDyTeOvZvSpf8K49Q3xMfMHQuz8hg3i65f8FGsWt3vA==

GET
H2 200 como-o-embargo-da-china-pode-ou-nao-aliviar-o-preco-da-carne-no-brasil.json Show response
json.gazetadopovo.com.br/economia/ 33 KB
9 KB 85ms
13ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/como-o-embargo-da-china-pode-ou-nao-aliviar-o-preco-da-carne-no-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e0827daff6d9baa80b02f8d0c386995493de951330be4e51074754b03a9f92b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3a37c48d3c6234bf0158f8676e70566d"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:32:28 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: GVBAomaifzda7mULHYYjlOOkzNCP4rY6_VW6v9r2E8rHk_SgJ7P1nA==

GET
H2 200 taxa-de-juros-pode-ter-a-maior-alta-desde-a-eleicao-de-lula-em-2002.json Show response
json.gazetadopovo.com.br/economia/ 29 KB
7 KB 125ms
54ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/taxa-de-juros-pode-ter-a-maior-alta-desde-a-eleicao-de-lula-em-2002.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed80f8b280b3966ae6ce418fa8d5342ac7cda41e5e77a9fb92034a8c1a878dbb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"bf31eb7e87530284cb8999f6905f7fdb"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:15:14 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QlF3mO-htvZ6WmuxloZ0ARgf4FVIVpKvcB90jYXRILHU8FJdxPp4Qg==

GET
H2 200 rodrigo-pacheco-se-filia-ao-psd.json Show response
json.gazetadopovo.com.br/republica/ 26 KB
7 KB 110ms
39ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/rodrigo-pacheco-se-filia-ao-psd.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 778900368280e92c187004df20e152130187cb49b9be56e8a9cfb816f3f489e0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:05:01 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 169
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 18:00:35 GMT
server: AmazonS3
etag: W/"56799d0b24eba7109f7045d5163c7855"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
content-type: application/json
x-amz-cf-id: P7LJ_j-imJs86QIeRsIp0i3kRdWxyb2jch3dBaM-pqzbS1hZpFmaWQ==

GET
H2 200 aras-recebe-relatorio-final-da-cpi-e-diz-que-comissao-ja-produziu-resultados.json Show response
json.gazetadopovo.com.br/republica/breves/ 15 KB
4 KB 489ms
419ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/aras-recebe-relatorio-final-da-cpi-e-diz-que-comissao-ja-produziu-resultados.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95203e1fa78db935eca062c382e421567370cefd8c5693c85a2c7165a5a57da3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6a6a3d4127e08fbadebb28ef88e4012b"
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 18:00:33 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:51 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: glrTllaVblL2u79Aqjn62i1lkFG7xTB-hZkfjuh_V8EWeMc7bFs44g==

GET
H2 200 nao-queremos-vinganca-diz-omar-aziz-ao-entregar-relatorio-da-cpi-a-pgr.json Show response
json.gazetadopovo.com.br/republica/breves/ 15 KB
4 KB 489ms
419ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/nao-queremos-vinganca-diz-omar-aziz-ao-entregar-relatorio-da-cpi-a-pgr.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6eeecd6bd3c9ea80b052041540420a80f972405b068c38139234fb43adf880c4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b8f0613fb316e5801d911b10af4bae66"
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 18:00:22 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:51 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QWivHtYsCcIrhHsIkTEdTi5AjTWpz3BBry7hlDx_TmcTWXTk9BbM7g==

GET
H2 200 jogador-de-volei-e-afastado-de-time-em-mg-apos-criticar-ativismo-lgbt.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 40 KB
7 KB 104ms
34ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/jogador-de-volei-e-afastado-de-time-em-mg-apos-criticar-ativismo-lgbt.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dc65c3007d1fe13b1f2858fe945ab09977bbdaa75d479f5611c1e167a66d60a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f2630488f2db6dc77e24444f6466c56c"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:12:21 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QNrUuc8ixC67hpuuuU_X1N-NQNqBg_yhtdV552rWIgdj1BF49fPK9w==

GET
H2 200 e-uma-estatal-que-so-me-da-dor-de-cabeca-diz-bolsonaro-sobre-a-petrobras.json Show response
json.gazetadopovo.com.br/economia/breves/ 16 KB
4 KB 88ms
19ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/breves/e-uma-estatal-que-so-me-da-dor-de-cabeca-diz-bolsonaro-sobre-a-petrobras.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48e42f55b8ded967bc4c432c75beeef71233188073c7335413f8dec067395f21

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c95b848d98af83e32251892de26ffac2"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:05:11 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 8dl-OzBy9Kxe89zKZbGEEL7__sGAppkrRp0F7pQW8ZOTyyVXPVvsQg==

GET
H2 200 a-privatizacao-da-petrobras-no-radar.json Show response
json.gazetadopovo.com.br/opiniao/editoriais/ 29 KB
6 KB 87ms
19ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/editoriais/a-privatizacao-da-petrobras-no-radar.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29f927c276cd3f2aea080625d9185771d47e0e4fdc7bd0a4926bfda7e9cb3494

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b9b9d8317c80f5f8d66c9b39595ea5ae"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:00:30 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: VLj03VkcnrBFKNboAT7M44o7Gy9_tcSxsfI7R-jv7zSHYEdPN_LqQw==

GET
H2 200 melhores-experiencias-de-gastronomia-no-castelo-saint-andrews-em-gramado.json Show response
json.gazetadopovo.com.br/conteudo-publicitario/castelo-saint-andrews/ 122 KB
17 KB 87ms
20ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/conteudo-publicitario/castelo-saint-andrews/melhores-experiencias-de-gastronomia-no-castelo-saint-andrews-em-gramado.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acc12c15e7fb06629d0d9f5dff43a200fc8fe93d2db10a26e82238bd4ea60ff5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a54589ae2b910ddbbc33fcf607045d89"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 09 Aug 2021 17:58:10 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: O0OnLGaf1ymUdw3mlCiZs5durMOyfMWxExS_Bis-u6gvhYALaEzYnA==

GET
H2 200 querem-calar-bolsonaro-mas-constituicao-proibe-censura-previa.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 67 KB
9 KB 116ms
49ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/querem-calar-bolsonaro-mas-constituicao-proibe-censura-previa.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd36f0144ce39a25335a57083c879abd621ef5d350f9d19d4fb37373ecb98342

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"09717be424d76a012c3d5c6dc539e9e6"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 00:38:27 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: bs80m0LMA3oRAIv3NV7URAZy_0uKebSY3q0H9FizefgIRzPO8mX9NA==

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/querem-calar-bolsonaro-mas-constituicao-proibe-censura-previa.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd36f0144ce39a25335a57083c879abd621ef5d350f9d19d4fb37373ecb98342

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"09717be424d76a012c3d5c6dc539e9e6"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 00:38:27 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Vdy3vMbLLwc5UPA0h1m1N9j95HN9keXelznIZUZ_b4letqRqS7qBEQ==

GET
H2 200 bolsonaro-lira-excedente-do-teto.json Show response
json.gazetadopovo.com.br/vozes/guilherme-macalossi/ 62 KB
9 KB 111ms
45ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-macalossi/bolsonaro-lira-excedente-do-teto.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a9c508da586d17cbc5cbff283222c1fa809ea9a10fc5ae46af8f9da6b48f52e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"77676c3da2c5029f17ac7c2be244e04e"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:53:59 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: egnk-0OjcB-470qmDFEi90vaNejSWXkiQ-1pC_vCBXV_fq020kTqug==

GET
H2 200 bolsonaro-lira-excedente-do-teto.json Show response
json.gazetadopovo.com.br/vozes/guilherme-macalossi/ 62 KB
9 KB 110ms
44ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-macalossi/bolsonaro-lira-excedente-do-teto.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a9c508da586d17cbc5cbff283222c1fa809ea9a10fc5ae46af8f9da6b48f52e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"77676c3da2c5029f17ac7c2be244e04e"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:53:59 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: kRvta6E3D2lInW6PJ4FDhDQkB-hM2X9WvFxADFVofF70EKqPy6yfyg==

GET
H2 200 o-circo-sovietico-chega-ao-fim.json Show response
json.gazetadopovo.com.br/rodrigo-constantino/ 10 KB
3 KB 79ms
14ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/rodrigo-constantino/o-circo-sovietico-chega-ao-fim.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d3092d1870aed6d6d709a5bb1dc6b223d529fa70e69ff06ee2531b04474086d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"546e86cccfeab4ec5905c4fa386e9c35"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:19:34 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: fQDhCJixxjLsBSE641gRGuPXgvqQ_Dib96uEoWvSs1s2dcaWj1UdRg==

GET
H2 200 o-circo-sovietico-chega-ao-fim.json Show response
json.gazetadopovo.com.br/rodrigo-constantino/ 10 KB
3 KB 79ms
14ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/rodrigo-constantino/o-circo-sovietico-chega-ao-fim.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d3092d1870aed6d6d709a5bb1dc6b223d529fa70e69ff06ee2531b04474086d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"546e86cccfeab4ec5905c4fa386e9c35"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:19:34 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vdQHNxYvuLzI9QGvgah-jY1FGDwyxlT9i7-lO6EoZJyg-XZ0M5fRLA==

GET
H2 200 papai-noel-x-papai-marx-qual-vencera.json Show response
json.gazetadopovo.com.br/vozes/daniel-lopez/ 64 KB
10 KB 92ms
27ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/daniel-lopez/papai-noel-x-papai-marx-qual-vencera.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fcbf8f826610a94869ae066775452682c44e8f245cc9724fc4a8b4d66e58f19

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6828b1b955bb73879105eb22a5b2329e"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 00:51:51 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: w213-WWk_ITpAZhV7iAcDlAaN8pEJlLipXmEtWJZlOhj-XKRRgkDLQ==

GET
H2 200 papai-noel-x-papai-marx-qual-vencera.json Show response
json.gazetadopovo.com.br/vozes/daniel-lopez/ 64 KB
10 KB 103ms
38ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/daniel-lopez/papai-noel-x-papai-marx-qual-vencera.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fcbf8f826610a94869ae066775452682c44e8f245cc9724fc4a8b4d66e58f19

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6828b1b955bb73879105eb22a5b2329e"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 00:51:51 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 7OiouxcsxA5F4IN1VssczX5uKVkmxjaABhScmZwI7YI90SwjmyPOyA==

GET
H2 200 o-que-faz-para-que-serve-ministerio-publico.json Show response
json.gazetadopovo.com.br/vozes/thamea-danelon/ 58 KB
9 KB 91ms
27ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/thamea-danelon/o-que-faz-para-que-serve-ministerio-publico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15103bffe388c0f7cdc7e5199d79efdb18b51ebfd37fe82c02b5e9d461bf0240

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"13e89ecbbc12ffa949f4f3893ea5e522"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 17:40:52 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: NECBAE93Aylon0AU8RN_Soj2k6w4mb-cobXIYSkcfYqraxqQmKCX_A==

GET
H2 200 o-que-faz-para-que-serve-ministerio-publico.json Show response
json.gazetadopovo.com.br/vozes/thamea-danelon/ 58 KB
9 KB 89ms
26ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/thamea-danelon/o-que-faz-para-que-serve-ministerio-publico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15103bffe388c0f7cdc7e5199d79efdb18b51ebfd37fe82c02b5e9d461bf0240

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"13e89ecbbc12ffa949f4f3893ea5e522"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 17:40:52 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ot0pCBXNuFybpzY1uMKojp19HhM2SuU13mKSmEeat3D00v0n9pSL6Q==

GET
H2 200 andre-reboucas-o-maior.json Show response
json.gazetadopovo.com.br/vozes/paulo-cruz/ 90 KB
19 KB 119ms
55ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/paulo-cruz/andre-reboucas-o-maior.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64f9c7cbdf4b4f907181b6967cf529fa4dcdad013e962a6d43deaeaa24166677

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"cb30b0e85dde4109c0aa2c1bea6e703a"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 04:31:44 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: bDMkij4qda3ktefh1HHpp9qPcDoNPblms7qpMTCaaXBCILnLCJ1sXA==

GET
H2 200 andre-reboucas-o-maior.json Show response
json.gazetadopovo.com.br/vozes/paulo-cruz/ 90 KB
19 KB 119ms
56ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/paulo-cruz/andre-reboucas-o-maior.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64f9c7cbdf4b4f907181b6967cf529fa4dcdad013e962a6d43deaeaa24166677

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"cb30b0e85dde4109c0aa2c1bea6e703a"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 04:31:44 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: kMKIKI-wa5jNczj1JZjkB2eTlIlske8NXDPFA2rx1dPG5lUP6tPO-w==

GET
H2 403 nao-e-so-auxilio-o-que-a-pec-dos-precatorios-pode-bancar.json Show response
json.gazetadopovo.com.br/stories/ 243 B
657 B 481ms
418ms XHR
application/xml 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/stories/nao-e-so-auxilio-o-que-a-pec-dos-precatorios-pode-bancar.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0280a7b1d4a03737a7f010a70d137095161ff4b34ed444df8b50724e48de55e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P3
vary: Origin
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-cf-id: ok1pYMY1vFvDa87IBk1q8T0fVuhRgKEi0nXS65sm64LRtL8HthT5FQ==

GET
H2 200 desemprego-no-brasil-cai-para-132-no-trimestre-encerrado-em-agosto-diz-ibge.json Show response
json.gazetadopovo.com.br/economia/breves/ 14 KB
4 KB 123ms
61ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/breves/desemprego-no-brasil-cai-para-132-no-trimestre-encerrado-em-agosto-diz-ibge.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 147865254662a7ed2a4e4994e580e8f0c3d2babea25bd037571871dc8e32c31d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"81dcc6355d85e0a2388226a71c891578"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:45:31 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: VzXme5xgYOcjB26UcgMwdOeZ3BT3dndTBcGxbsV-wFrT4EcNe54c9Q==

GET
H2 200 o-que-esta-em-jogo-no-pedido-de-extradicao-de-allan-dos-santos.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 33 KB
7 KB 111ms
50ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/o-que-esta-em-jogo-no-pedido-de-extradicao-de-allan-dos-santos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca26c1775554aa86b1e634582c3d6a7bc63ba0b0e593337758a14515ad858010

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"63c06f9b63c999858b129829062a6344"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 13:27:43 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: kc-uiq8lHMX_DlsWThzsJDlAu3-R9R2IZDAQn53d0J7QgEP0dV3AwQ==

GET
H2 200 lider-de-gangue-armada-do-haiti-bloqueia-combustiveis-para-exigir-renuncia-de-premie.json Show response
json.gazetadopovo.com.br/mundo/ 32 KB
7 KB 85ms
23ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/lider-de-gangue-armada-do-haiti-bloqueia-combustiveis-para-exigir-renuncia-de-premie.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec0bd2b08c50df25423769688b10ce2081bb4f7d9dd5c8f30e1361795f82afc4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7146fad56e026e86bb85e3d4dceab471"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:05:14 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: bBcJarqy5CqIgS4gGRgc1TtwDuh0PBA2DSdIC1NJCrW55tsupYs8Bw==

GET
H2 200 ideias-210-contos-de-fada-para-a-geracao-assustada.json Show response
json.gazetadopovo.com.br/ideias/ 13 KB
3 KB 97ms
36ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/ideias-210-contos-de-fada-para-a-geracao-assustada.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb493f8ca145a89c8e12732edf82b7c431d199322032b68daa17ee802ae8aa37

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a6cf17a9e2be5d08b3d7ed148f6f3570"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 22:05:56 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: IDSFHN3Fhg_5QbzDBhcAXBzJ4YqUlkkCzaIGI_exoKuMr73dKPVGKA==

GET
H2 200 100-startups-brasileiras-mais-atraentes-corporacoes-2021.json Show response
json.gazetadopovo.com.br/gazz-conecta/ 33 KB
5 KB 101ms
40ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/gazz-conecta/100-startups-brasileiras-mais-atraentes-corporacoes-2021.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec1475b247727eafc6fb517ce6e610526639e1fe95a9e7f198659588a9b28ca8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ac58f1aebdf8f992e9098bab1990cafb"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:14:55 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 9oiW_-iGwf865EhFem6Hujo0og84g7mGfM313eOxmoD-hM2cvLCXGA==

GET
H2 200 positivo-fecha-parceria-com-chinesa-e-traz-nova-linha-de-smartphones-para-o-brasil.json Show response
json.gazetadopovo.com.br/vozes/parana-sa/ 60 KB
8 KB 95ms
35ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/parana-sa/positivo-fecha-parceria-com-chinesa-e-traz-nova-linha-de-smartphones-para-o-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f06c2d39148f7bf2e6e5a45d6d8985aa6d5b7dc7663f64e1761f4d66b67a9f36

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6122cbbd5c49036a0683e8975740c177"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:19:34 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zca0hDxOIBDqkqHxlvxLqcSX-773bZvbuRtvkU1P4OX3xtpEc7RH8Q==

GET
H2 200 ferramenta-acelera-pagamento-conta-restaurante.json Show response
json.gazetadopovo.com.br/bomgourmet/negocios-e-franquias/ 52 KB
7 KB 96ms
36ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/bomgourmet/negocios-e-franquias/ferramenta-acelera-pagamento-conta-restaurante.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c47de516d56c4fb95cfe46a98c2916a1adda20da42f6e60e2f0f4c9f9c2bc75

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"59ee085ed0b07525e3108500e1f157ef"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:16:57 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ybUFKsUWr2zoB1SAN_QXi5V2fYh4ZJmsi-OPcN0Kv8k4ZERC5LboEw==

GET
H2 200 por-palanque-para-sergio-moro-podemos-podera-ter-candidato-no-parana.json Show response
json.gazetadopovo.com.br/vozes/roger-pereira/ 65 KB
10 KB 86ms
26ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/roger-pereira/por-palanque-para-sergio-moro-podemos-podera-ter-candidato-no-parana.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7d2f5805c98a26b70271152de9aeaeaf1d24f0e09a117d0375450025a1a5b3f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"93c79dc30367c96ca22ed333dd86cf25"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 22:56:23 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ysP0j4txQyzYgd0UJVTn3vm5s8Sh7pU6LhvpC0jChsMpz5Yi17c8Uw==

GET
H2 200 ratinho-jr-posse-nova-gestao-movimento-pro-parana-2021-2023.json Show response
json.gazetadopovo.com.br/parana/ 22 KB
6 KB 121ms
62ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/ratinho-jr-posse-nova-gestao-movimento-pro-parana-2021-2023.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a34a772480a9b13a781ad68262626cad935c24e033e43625a7a5634314dc6fd0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"87a78e56580fa74f2970271fc6dee391"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 16:19:49 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: xoZA7jwJ7ixnhbjaHfotTMSnOE9I7tLJg7ZfkPNmic-OxBun-w87Sw==

GET
H2 200 com-servicos-aquecendo-parana-tem-novo-saldo-positivo-de-empregos-em-setembro.json Show response
json.gazetadopovo.com.br/vozes/parana-sa/ 62 KB
8 KB 120ms
61ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/parana-sa/com-servicos-aquecendo-parana-tem-novo-saldo-positivo-de-empregos-em-setembro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b93d7375def0bc8fa57bbb46b7aa8f55e270614089afd1d10379ac36f0da3f59

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"98d42c42a903774aef74a0d2134018d4"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 21:04:13 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 3O0OYf1t7WRyhNx0-2rU6l2YmKDSbX-iN5mLpiaItswW4iXQ1YWFmQ==

GET
H2 403 revitalizacao-da-orla-de-matinhos-as-obras-e-os-prazos.json Show response
json.gazetadopovo.com.br/stories/ 243 B
659 B 460ms
402ms XHR
application/xml 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/stories/revitalizacao-da-orla-de-matinhos-as-obras-e-os-prazos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa624e0eb74682aea7ce4d1d669db8da3a445dd0a3439e8569ce103278aac7a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P3
vary: Origin
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-cf-id: 5gYzaF-DUGO3t9W_UVpQC_RrgIG_JdhObB5HF6LTCLoTQOppytuHUQ==

GET
H2 200 com-demanda-forte-klabin-reverte-prejuizo-e-lucra-r-12-bi-no-terceiro-trimestre.json Show response
json.gazetadopovo.com.br/vozes/parana-sa/ 61 KB
8 KB 83ms
25ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/parana-sa/com-demanda-forte-klabin-reverte-prejuizo-e-lucra-r-12-bi-no-terceiro-trimestre.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0c87c5224295c4fe0eb950c37317e5853d35ecfecabdf57d2178c211f843576

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"98083b1f5f50bf684b1b19414f346cdb"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 22:23:10 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: b-WR-AIQO98mTYMqtZR40yldl14yvdxotqFAgCrrTavpkeQSMEyYeA==

GET
H2 200 golf-residence-em-foz-do-iguacu-e-sinonimo-de-qualidade-de-vida.json Show response
json.gazetadopovo.com.br/conteudo-publicitario/village-iguassu/ 120 KB
17 KB 80ms
22ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/conteudo-publicitario/village-iguassu/golf-residence-em-foz-do-iguacu-e-sinonimo-de-qualidade-de-vida.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bab6e50d40f8da4bf9a66a69f0009c2e6fbb7410d4f17c58ab7801fa781b84c8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b4c60a966360b5efa4c32bcd2a2a6e82"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 16 Aug 2021 14:41:34 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: fk3c0CHvQBkajq7FUV4vKdpHrochzBaBmNdinWfsyeY3IN5ZhhnZPQ==

GET flamengo-x-athletico-escalacoes-provaveis-como-assistir-data-e-horario-copa-do-brasil.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/stories/ 0
0

GET o-que-esta-em-jogo-para-o-athletico-na-semifinal-contra-o-flamengo.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/stories/ 0
0

GET contra-o-flamengo-furacao-nao-e-franco-atirador.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/ 0
0

GET com-dois-titulares-remanescentes-athletico-busca-repetir-historia-no-maracana.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/ 0
0

GET coritiba-empata-em-maceio-e-ja-pode-marcar-o-dia-da-volta.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/ 0
0

GET luizao-assina-renovacao-com-o-coritiba-feliz-e-motivado.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/ 0
0

GET
H2 200 3-novos-edificios-em-curitiba-com-projetos-elegantes-e-contemporaneos-anuario-haus-2021.json Show response
json.gazetadopovo.com.br/haus/anuario/2021/ 91 KB
8 KB 90ms
35ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/haus/anuario/2021/3-novos-edificios-em-curitiba-com-projetos-elegantes-e-contemporaneos-anuario-haus-2021.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 897405c3c5fad9826d268f7842df3e57d476fe55940141c285c19dec53f4fc32

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"60f97f5cad29461fb01bcf803d5d12b4"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 12:36:31 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: wENWI-w0AXgfIyYLwqIbF4yg6cQNggxYhvI4KezLpYrBS5RoacKHBQ==

GET
H2 200 cinepolis-promove-sessao-com-ingresso-a-10-reais.json Show response
json.gazetadopovo.com.br/pino/cultura-pino/ 20 KB
4 KB 95ms
40ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/pino/cultura-pino/cinepolis-promove-sessao-com-ingresso-a-10-reais.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fac9261277f9c13d359f58c90340164440759b7843d339cf222d4f61e7ac6599

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4e85bf00a33e50469a8672b8ac35b4e8"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 20:47:36 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tnbTSmuNl678eh2IT3aH5EHPPasVxv6bamVvQQMHhRvW6D6EN-Nm5g==

GET
H2 200 invasao-hacker-revela-como-maduro-acolhe-e-protege-integrantes-do-hezbollah.json Show response
json.gazetadopovo.com.br/mundo/ 26 KB
6 KB 96ms
41ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/invasao-hacker-revela-como-maduro-acolhe-e-protege-integrantes-do-hezbollah.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1b192017f38eb63f9b655e507a62851961e119d135263289d263feac8981b5b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a8826d63fc9e71222f931fa1c26fe836"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 00:37:18 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Xs7uAxRlvmuEDqnGyhN81-6y8yJomWMHw5UwysNiys4waL_uEevhsg==

GET
H2 200 maduro-critica-declaracoes-sobre-vacina-e-chama-bolsonaro-de-imbecil.json Show response
json.gazetadopovo.com.br/republica/breves/ 16 KB
4 KB 116ms
61ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/maduro-critica-declaracoes-sobre-vacina-e-chama-bolsonaro-de-imbecil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d037f7cba17758b917be4836bbba0716d8f915d54e30b6814e157f54defe427f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1b1142b85b011b65f6ec6e0b4c1f601e"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 11:20:21 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: LUuuXh7w2LjTysWEbAMsPVcvhm_iqZhD1jksU_BaS_0IORZcCZ4IRQ==

GET
H2 200 com-direitos-politicos-cassados-eduardo-cunha-diz-que-sera-candidato-em-2022.json Show response
json.gazetadopovo.com.br/republica/breves/ 17 KB
4 KB 106ms
52ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/com-direitos-politicos-cassados-eduardo-cunha-diz-que-sera-candidato-em-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f1ce7a234950f0aaa9ac2a7df59354325a4d4133ede54fff8e28c53c5b0e9f7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"baceb7e88e810b0086be6eab8e61e7c5"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:12:17 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: PJew-OD2A-KsE8oHH_0eRf11bDEzKgH2lKMB5EhQ_1satxhqPaX1AA==

GET
H2 200 pl-ameaca-romper-com-o-governo-se-bolsonaro-nao-se-filiar-ao-partido-diz-jornal.json Show response
json.gazetadopovo.com.br/republica/breves/ 20 KB
4 KB 93ms
39ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/pl-ameaca-romper-com-o-governo-se-bolsonaro-nao-se-filiar-ao-partido-diz-jornal.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 134714a051b3ccfd97008fab252ed53ce92c09fc93fa024ed428601abfe6e1c9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3999ed501697e0045b25e808c42d31d8"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:12:20 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: RbfrLTiTa_M2PFLN1DoxUivv54C6biLbJ5IhAHPQ8JDT_1P5YThaww==

GET
H2 200 audiencia-executivos-youtube-tiktok-snapchat.json Show response
json.gazetadopovo.com.br/mundo/ 25 KB
5 KB 87ms
34ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/audiencia-executivos-youtube-tiktok-snapchat.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 841e868069d20bea49dee98335e606664e2eecec9db4484f1627692fabdbbd03

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c09ad89377363fcb9a585f19e9e0a22b"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 20:52:17 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Z40Omakn3Udhi18H7CcUqeehnTcerWo9zJkYsoORjZ4HqApQF_b87A==

GET
H2 200 jornalista-nao-pode-publicar-videos-no-youtube-com-dados-que-contrariem-oms.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 30 KB
6 KB 97ms
43ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/jornalista-nao-pode-publicar-videos-no-youtube-com-dados-que-contrariem-oms.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69a4997a104bc6b841f58b65a29ccc37f74c9c64608f3cbf9029374d83e99695

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7aa18969d4d032f68b21f5ccd34639d2"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 23:30:36 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 1u4qThpLRdRwby3dJ1Pbq9mrvx79mATgBv4Bik0We8mwX05iNDKwCg==

GET careca-do-talco-torcedor-fluminense.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/ 0
0

GET
H2 200 a-pressao-por-pensamento-unico-na-direita-parte-1.json Show response
json.gazetadopovo.com.br/vozes/bruna-frascolla/ 64 KB
12 KB 111ms
58ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/bruna-frascolla/a-pressao-por-pensamento-unico-na-direita-parte-1.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 757253aed16a4d35fb0c2ae0990af43140a2da9ff14878fed113c8e91f1f876a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"bb1605b8166da2b2c6f1a7f1b91ed4bd"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 21:50:40 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: uV6-uW2HN7UHwLeAxwVfpmaJQYd_bpL7LW-6xsOSI3uiOiWsFfqXJw==

GET
H2 200 netflix-da-apoio-a-chappelle-mas-ainda-rejeita-os-conservadores.json Show response
json.gazetadopovo.com.br/ideias/ 18 KB
5 KB 107ms
55ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/netflix-da-apoio-a-chappelle-mas-ainda-rejeita-os-conservadores.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa251469e9cd216c2d9dec0a2938616ef395f922bcf78ee33913fbfc13377cd8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"463a3a31a0cce5fbe2599602c16b705e"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 21:17:36 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: fUtyj9XsdwbqqR-7weyIU3C9D7rNCnr9ojuCXslJb-66EQoK2N0FBw==

GET
H2 200 biologia-e-a-melhor-explicacao-para-diferencas-de-escolha-de-carreira-entre-homens-e-mulheres.json Show response
json.gazetadopovo.com.br/ideias/ 37 KB
8 KB 92ms
40ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/biologia-e-a-melhor-explicacao-para-diferencas-de-escolha-de-carreira-entre-homens-e-mulheres.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5bf089c01a9adf149949340b889cb9173b4dd6549db4061f9ccde585eade351

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"275957e3ab27c94a9b6b2e5b6d8d36f2"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 17:12:28 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Mwt4ugRTinSmjt_9xwPYdUmp-OS5YBxAi5HIdoKbJh__3Ly1utyVmw==

GET
H2 200 big-brother-comunista-nem-dentro-de-casa-uigures-escapam-de-repressao-da-ditadura-chinesa.json Show response
json.gazetadopovo.com.br/ideias/ 35 KB
8 KB 104ms
52ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/big-brother-comunista-nem-dentro-de-casa-uigures-escapam-de-repressao-da-ditadura-chinesa.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2043645ef931296f9a342ee361a5e9b1bdefb91718765514acc15167d5f7b360

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"14347a5957be68011f9235fdfadaf9cd"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 24 Oct 2021 21:51:36 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: -cGuuplqbeAbff55_A2vp_QJHs9LoaWdh5eyE-mEh-1RnPRbvHiD5A==

GET
H2 200 5-sinais-de-que-a-crianca-precisa-de-apoio-psicologico.json Show response
www.semprefamilia.com.br/json/pais-e-filhos/ 14 KB
15 KB 468ms
421ms XHR
application/json 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/pais-e-filhos/5-sinais-de-que-a-crianca-precisa-de-apoio-psicologico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95dcb4729e461eaa9a06e8e72533aae86ca01f5a6fa87e7f43261a9b799819d4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
etag: "32b9b0771c2b054c0713cf77e30e75e8"
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
content-length: 14682
last-modified: Tue, 26 Oct 2021 15:17:49 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:51 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: CDRkmCOOWL9IPCIET_CtdOZt40N1I__n0YYMdK8EEsECJ1RLiBB4sw==

GET
H2 200 decoracao-para-o-halloween-2021.json Show response
json.gazetadopovo.com.br/haus/decoracao/ 79 KB
10 KB 109ms
58ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/haus/decoracao/decoracao-para-o-halloween-2021.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da2ec51c7e1c950ae18d4b75265bce0e9b40affab477bbf23b7e97f16a64be24

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"34f514df243f2fb051555824f7f41af8"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 13:33:18 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 0Bed95tu7XgITa65RYLpF_hgz7YY_ShasP7lgnWfp4xMH24vEh5eSQ==

GET
H2 200 o-que-ensinar-a-criancas-e-adolescentes-quando-elas-nos-veem-perder-a-calma.json Show response
www.semprefamilia.com.br/json/pais-e-filhos/ 17 KB
18 KB 468ms
422ms XHR
application/json 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/pais-e-filhos/o-que-ensinar-a-criancas-e-adolescentes-quando-elas-nos-veem-perder-a-calma.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fbba749e315ec87f829d6584f70436d6ca094e75d8a2512ef0245ca3461197a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
etag: "59ff159a7851fce987dd08dbc9cd8b90"
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
content-length: 17627
last-modified: Tue, 26 Oct 2021 20:52:17 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:51 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: TDWl12f8ZW_vm4_8SYEcC4NWSpsRsL9Us6C52NBeAPl5OmjmeoFGyw==

GET
H2 403 pasta-de-amendoim-uma-queridinha.json Show response
www.semprefamilia.com.br/json/stories/ 243 B
645 B 468ms
421ms XHR
application/xml 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/stories/pasta-de-amendoim-uma-queridinha.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a9165cf4c2f9d8b865f95259a801468adbd400676b85131e04b0fe776d13cf3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P5
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/xml
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
x-cache: Error from cloudfront
x-amz-cf-id: fRcT2hvqPpvObkG5j07OtzvNp8hbbR7QW86NUJF117_JyKqzUoZA-w==

GET
H2 200 o-que-pode-mudar-na-eleicao-2022-com-moro-candidato-a-presidencia.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
5 KB 112ms
62ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/o-que-pode-mudar-na-eleicao-2022-com-moro-candidato-a-presidencia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3a89ef6a3db1057123138fe29b291a5bd2caeaf27b49c2ec88c4465f7cd6118

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"bee1dc7261a65e7458c76e89e6db1e7f"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 19:57:53 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 64tq3RzgRUBmZGAXES9PbF3pymQ4M46o8HjUAnLnWlph5wV9EGVPWw==

GET
H2 200 investigados-lava-jato-eleicoes-2022.json Show response
json.gazetadopovo.com.br/republica/ 17 KB
4 KB 93ms
44ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/investigados-lava-jato-eleicoes-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9ea1fe797ea00beaf9d57ea696deb58fbd9382ee052eac189f43189be6b73da

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"782afe1b5e6a13391b93f5e2e42853ed"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 20:46:45 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: v1iCa56AdONiQVTZg7plQXehUZcchbL4dr4p3-h8UzOO3SJRh5uZoA==

GET
H2 200 1095312.json Show response
json.gazetadopovo.com.br/ideias/ 19 KB
4 KB 70ms
21ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/1095312.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57652e0800d22b6c2fba9259642a84354183fc95b8302af0c4e2798ea5865971

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f8ca71d709013c54d3282499138313a3"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 14:39:58 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: iwIyDoI_VxZiuVpwEOjh6Xydh0onX7V9W9ZFbcq2dOO8MFGAWedPlA==

GET
H2 200 greve-dos-caminhoneiros-auxilio-diesel-bolsonaro.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
5 KB 107ms
58ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/greve-dos-caminhoneiros-auxilio-diesel-bolsonaro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffe9131535d3d2735fde7b822bf5639f53416e35634a740f488c7d1957155695

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"df2a2e9a2d3a7cb33f3ec1c97a457204"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 19:10:26 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: JG-l47UAvonxSedz_s-SartUcCUhfapSW9evKVhUcvE9p6SVbFBoiw==

GET
H2 200 quarentena-cult-74-o-comediante-que-destruiu-a-ideologia-de-genero-com-muito-bom-humor.json Show response
json.gazetadopovo.com.br/ideias/ 17 KB
4 KB 98ms
50ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/quarentena-cult-74-o-comediante-que-destruiu-a-ideologia-de-genero-com-muito-bom-humor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddc395f1550e6bce4260acc0040f068ec4be3767c5bb36770d71b9820793d850

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"dbe2bc7176bd645ba486a9d3a18be6c4"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 15:31:36 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: a4F4SRO5j-jyhPh1Gqzoom6PwAzpAULSFw60jin2p5UGEHS_irct2w==

GET
H2 200 augusto-heleno-por-que-o-crime-de-opiniao-so-vale-para-um-lado.json Show response
json.gazetadopovo.com.br/vozes/leda-nagle/ 57 KB
8 KB 478ms
430ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/leda-nagle/augusto-heleno-por-que-o-crime-de-opiniao-so-vale-para-um-lado.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2920ce872d83e9ae339e5f4b46f49666793a4f4fe6369aa471355958cb44e1a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f69c1eef68f1ecf94a8528d99f253261"
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 12:02:01 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:51 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: lEoEemLJ6hIlnsr05QzNVEbPzN7WlsI8hKfCOid_ntgSkLP0LLEAOQ==

GET
H2 200 censura-a-bolsonaro-allan-dos-santos-e-auxilio-brasil-sao-temas-de-hora-do-strike.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 63 KB
10 KB 100ms
53ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/censura-a-bolsonaro-allan-dos-santos-e-auxilio-brasil-sao-temas-de-hora-do-strike.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e1b92b2659d03e5ef5979521cfa37866c2190a6b9be2430ecbfbd394004cc32

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9137c7be473ec3f408a6f0445a5bab28"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 22:49:46 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: PjpBPCHA2CiOOwYLcUSjL9QDjM1yIdKzmCekye5pza8wn02mzl5TbQ==

GET
H2 200 bolsonaro-malvadao-mas-sem-corrupcao-parodia-da-cpi.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 54 KB
7 KB 103ms
56ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/bolsonaro-malvadao-mas-sem-corrupcao-parodia-da-cpi.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57d22e40b059991666e3b9114b2c0d6afe872d806c5c7bf66a5e3ddc5e4fbf7e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"95bd8d76311b49be9dfc50c8a3afea6a"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 18:22:24 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: b0mhBm18HFTFXXXrCC_B8vEy01Ydzba001BZL8dFd7hkLryhWNlQcQ==

GET
H2 200 documentario-de-josias-teofilo-revela-como-surgiu-a-nova-direita-no-brasil.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 66 KB
10 KB 100ms
53ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/documentario-de-josias-teofilo-revela-como-surgiu-a-nova-direita-no-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 636d2b5162f1287e124ff05cb26d8b3e5a4cd849476faa928d23e20ceff32a80

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9185280ae9f74c9cefa0990362ed5172"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 18:15:22 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: x40ioJYP12E1qbj31lVPoR0O_g8-yPa3I5QJE5iJmoahGe9H2ncy5A==

GET
H2 200 relator-no-tse-vota-pela-absolvicao-de-bolsonaro-por-disparo-de-mensagens.json Show response
json.gazetadopovo.com.br/republica/ 37 KB
7 KB 91ms
45ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/relator-no-tse-vota-pela-absolvicao-de-bolsonaro-por-disparo-de-mensagens.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb1273da17f5347d1f51d83d49cdfd942321431a8d1ba798c1df677d4b163a2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a5870a4836abd0d32f8e562198a17a8d"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:05:06 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: VaFw6tHy4lGTBCieOwrXLNuKXcSmt0T1FkU2kGtT3aAEZC7QHnNChw==

GET
H2 200 cpi-da-covid-aprova-relatorio-de-renan-calheiros-com-80-indiciamentos.json Show response
json.gazetadopovo.com.br/republica/ 50 KB
11 KB 96ms
50ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/cpi-da-covid-aprova-relatorio-de-renan-calheiros-com-80-indiciamentos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f3a98bfba7251a1a34c149ac3ff57e0d7357293ea27f772b983afb440e86988

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:05:01 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 169
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 17:59:50 GMT
server: AmazonS3
etag: W/"bc3f4fcb7a1a348963710e609e5f8683"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
content-type: application/json
x-amz-cf-id: XJEen7tt6oFTQmmIw0WwmHeLf4YfrdAqoCXzKngGlSljKZexhu59mg==

GET
H2 200 tse-julgamento-acoes-do-pt-para-cassar-bolsonaro-entenda.json Show response
json.gazetadopovo.com.br/republica/ 27 KB
7 KB 109ms
63ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/tse-julgamento-acoes-do-pt-para-cassar-bolsonaro-entenda.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa1bf376243c78d775dfc9c269907505ef8aa34851f6e29b846cef7bd2c87929

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"28775d3450be170c99fd4b5e8796c8ea"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 18:49:53 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: L9tZepAi7GkS045ai_Qn-laiUwCGN6scN7Q8Jn1usSHH3zYw0u2yWQ==

GET
H2 200 quem-e-alexandre-cordeiro-afilhado-do-centrao-cotado-ao-stf-supremo.json Show response
json.gazetadopovo.com.br/republica/ 27 KB
7 KB 104ms
59ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/quem-e-alexandre-cordeiro-afilhado-do-centrao-cotado-ao-stf-supremo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83b1cde03f379884890844e9213ed51166d960c71e38a46c0f892b18d47eb854

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"838d2f4b5cdedc17c053ab66c52d6322"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 18:28:17 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: es8RE6zlhUR5-4zyqXzdieg7SVuosPo_rW-jVkFxGzkmrxXCVcGU7Q==

GET cxense.json
apps.gazetadopovo.com.br/cxense/ 0
0

GET
H2 200 / Show response
comments.gazetadopovo.com.br/content/count/comments/ 2 KB
3 KB 322ms
321ms XHR
application/json 52.222.214.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%22ebdb53e0-3725-11ec-aad3-2d413ce4ef4d%22,%221248df10-3736-11ec-8989-154f7f11e203%22,%22781b9070-374b-11ec-9a7a-a91dd9f03339%22,%2274507eb0-374b-11ec-9a7a-a91dd9f03339%22,%227859f5a0-3722-11ec-aad3-2d413ce4ef4d%22,%224d8f15e0-3735-11ec-8989-154f7f11e203%22,%2225af89f0-36be-11ec-ab3f-5bf82d8d4429%22,%22173caed0-3735-11ec-8989-154f7f11e203%22,%226387d6f0-36b5-11ec-9024-f7b93ae0aceb%22,%22daa714a0-3735-11ec-8989-154f7f11e203%22,%226dece4d0-36a8-11ec-bf85-59e423c3594c%22,%22b33b1cc0-3697-11ec-944b-b9b7d0f35c96%22,%22d2d57d80-372f-11ec-ad3a-9fc321c1e74b%22,%22a26d7800-372a-11ec-90b1-ddbe9f737683%22,%22e575c4c0-36af-11ec-85cd-6160b4589549%22,%2269807710-36b5-11ec-9024-f7b93ae0aceb%22,%223af6e8d0-36a0-11ec-963e-d3dae92759ff%22,%2273f9be50-36aa-11ec-bf85-59e423c3594c%22,%2204acfffc-fa23-465d-a755-eb5f31b14feb%22,%2272572b80-36a2-11ec-963e-d3dae92759ff%22,%2223737ca0-36be-11ec-ab3f-5bf82d8d4429%22,%22bd99e270-3721-11ec-aad3-2d413ce4ef4d%22,%22e92eda50-369d-11ec-a8ba-8f453744807f%22,%22b2cb87b0-36bb-11ec-ab3f-5bf82d8d4429%22,%227a39aac0-3725-11ec-aad3-2d413ce4ef4d%22,%228fe9f550-369e-11ec-a8ba-8f453744807f%22,%22560828b0-371c-11ec-ab52-41fccbe5b23a%22,%22b0a1d670-36a6-11ec-9280-11ae20d4dd0c%22,%2281a21380-36a1-11ec-963e-d3dae92759ff%22,%2260dcc720-35e4-11ec-a1a1-5f408d6eb888%22,%2281f2e500-3514-11ec-b579-75450807036d%22,%22e11a4df0-366f-11ec-a75d-03458fd73320%22,%22caf077c0-3660-11ec-997a-c5f12a7e97e6%22,%2266a5f260-365e-11ec-997a-c5f12a7e97e6%22,%22649beff4-ad02-4667-bbd9-bc08df3782ef%22,%2200a9c390-3697-11ec-944b-b9b7d0f35c96%22,%22aa0bed50-35d4-11ec-a387-bfee51d84ab5%22,%22a8eae8e0-3453-11ec-819e-093316327eda%22,%22b6824270-336b-11ec-a53b-f98eccf150e0%22,%22b2bddcc0-3281-11ec-b893-bfc38ec2d0de%22,%22b197edc0-35cb-11ec-80e9-b3a79f999874%22,%223ab7ddb0-35d4-11ec-a387-bfee51d84ab5%22,%22e8dd7540-31d7-11ec-90a3-a391a2b5e116%22,%2239b10e60-329a-11ec-926a-250caa2d29ce%22]
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-129.fra56.r.cloudfront.net
Software: / Express
Resource Hash: c9add5e3c07b9f0bb188d353c611250ee62fa5571662710ce4b65ba03879df2b

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
etag: W/"813-qOeP+MOiHQCkb9tj3FHP9PulzV8"
x-amzn-remapped-content-length: 2067
x-amzn-remapped-date: Wed, 27 Oct 2021 18:07:50 GMT
x-amz-cf-pop: FRA56-P3, FRA56-P3
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: H4RKhFzvIAMFwmw=
content-length: 2067
x-amzn-requestid: 2a5ce903-9322-489c-93d5-f58372efd97b
x-amzn-trace-id: Root=1-61799576-69123d086d0609731bc37936;Sampled=0
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: Xc_9X1zyC3yMqP7GnRlI883MuNxiepqTpJGcvPiQUtGKvp5sb8RQFg==
x-amzn-remapped-connection: close

GET
H2 200 saiba-agora.json Show response
www.gazetadopovo.com.br/json/ 51 KB
8 KB 12ms
10ms XHR
application/json 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/saiba-agora.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ff4373331349c1b6e77ade3ebd0d0a5b76dd8762aab0bb0aa5dccf0a58fee35

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:05:02 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 18:01:13 GMT
server: AmazonS3
age: 168
etag: W/"4da119d58222838451fddb6d409cb4d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-P2
content-type: application/json
x-amz-cf-id: Nc9HYQAdpksnQqJYWgYab0edxjVoK131_ODzWARNYWXKnhgwvNpldQ==

GET
H2 200 mais-lidas.json Show response
www.gazetadopovo.com.br/json/ 1 KB
1 KB 12ms
7ms XHR
application/json 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/mais-lidas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34a04668df620632bffd65dde8d0d8ba260543b6d7298e869f4685ce3d49078d

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 17:49:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"81ffec6ae1b7a49a4c9f9d2d801d70f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
date: Wed, 27 Oct 2021 18:07:49 GMT
x-amz-cf-id: _5I59TQQa22IWLNL4FE-LxxeprpSrX7gB9qAbES_bR26ZodeBmlEeA==

GET
H2 200 config.json Show response
www.gazetadopovo.com.br/json/ 61 KB
7 KB 421ms
418ms XHR
application/json 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/config.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eeab97438677d1c865a7e3275847c650c0e194b751e4630149ffe132857d8fb

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 19:47:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"2223e8e855c7b7bb3fea5aeac3fb03e8"
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
date: Wed, 27 Oct 2021 18:07:51 GMT
x-amz-cf-id: UCglpKtIGRbWRBjj7zHpDdL1id8dDBu5iDsiN09WBHp0Ej_iwTh_KA==

GET
H2 200 reactions-rank.json Show response
www.gazetadopovo.com.br/json/ 11 KB
4 KB 11ms
10ms XHR
application/json 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/reactions-rank.json?_=1635358067286
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ba699398f04670c9aeee9c10630dc457a7349f569f2a7ea86173dc45b1dc7f4

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:05:02 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 18:04:12 GMT
server: AmazonS3
age: 168
etag: W/"31c9ae06e4f126bfe41956e455dbd62d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
content-type: application/json
x-amz-cf-id: jYa9KjqCGzaEVt__RH4WRXcC-SKzkEJjK9l1eoPPVhvsEQDjbFggmQ==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 68ms
9ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-74281fb7256d3e87d42d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2e66d1d7a17d523ccf19986ee33561b335b75dcd51713ba4c60d098d9ee3e59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:49 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 22:52:11 GMT
akamai-grn: , , 0.126d3717.1635358069.1988f78d
etag: 4ee772af12ce75b5cab8ea0ef38011c7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3202
akamai-cache-status: Miss from child
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 30273

GET
H2 200 ico-save.svg
assets.gazetadopovo.com.br/images/svg/ 340 B
712 B 8ms
5ms Image
image/svg+xml 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-save.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1110db8c294323e2af8ff57b8e2ef664164b4cd9cbbd0e474bd5c7fdf4dfece0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 17:48:16 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 17:27:48 GMT
server: AmazonS3
age: 1642774
etag: "fabe0f28c70338bcef62cfd1cc92d214"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/svg+xml
content-length: 340
x-amz-cf-id: nTpvzqTJBik8ohwT_42MkA6Zu2v4O9Fb7sLH20z7SicVASqUC-dOaA==

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
457 B 10ms
7ms Image
image/png 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 22506585
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: xNS3DbVqjeDwh8tCMbWcs4qVYrjz3jTw3n0OaqnsCsUIW3Tks85t8A==

GET
H2 200 escolha-do-editor.json Show response
www.gazetadopovo.com.br/json/ 54 KB
9 KB 14ms
9ms XHR
application/json 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/escolha-do-editor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88c210c87fb4746c06d21f5d98b2d29d740986e3902869329b200b5fb83752c5

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:05:02 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 18:00:12 GMT
server: AmazonS3
age: 168
etag: W/"49a85af7879c4d5293a36635c86a449e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-P2
content-type: application/json
x-amz-cf-id: KJ4xY0Fnb7H1pgDTK_lZgZT9RaMRLvklLScSkgbUkp-YSBr12qJfOg==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 322ms
297ms XHR
application/json 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 27 Oct 2021 18:07:50 GMT
x-amz-cf-pop: FRA60-P1, FRA56-P5
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: H4RKhEpHIAMF4-Q=
content-length: 4
x-amzn-requestid: 7bf8d05e-65ae-4bb0-a825-bb5d04eb91dd
x-amzn-trace-id: Root=1-61799576-0c589c6678e67ede6a2fcf1a;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: 4Q7IhKlzJwFVtFHuj1eIRnVBBOM7_aZn_q_gvEjMiY8p5Vwszz5r2w==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 159ms
125ms XHR
application/json 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront), 1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 27 Oct 2021 18:07:50 GMT
x-amz-cf-pop: FRA60-P1, FRA56-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: H4RKeEYVIAMF0rA=
content-length: 4
x-amzn-requestid: 3a60aaeb-b0fc-47e7-b418-aa5af4be7347
x-amzn-trace-id: Root=1-61799576-4ddfaf4c6756e75e089cbbad;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: LwudyAe_voMVIXOEC5zdL9-egPQ7SpT8eMYKv8Em5ngMnSdaL2Of6A==
x-amzn-remapped-connection: close

GET
H2 200 Frigorifico-Carne-Gado-Bovina-crop-20211026181809-660x372.jpg
media.gazetadopovo.com.br/2021/09/26152234/ 361 KB
362 KB 22ms
3ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/09/26152234/Frigorifico-Carne-Gado-Bovina-crop-20211026181809-660x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53befddfda1e3786650da50bc58cb98758eac41e1e76410519a4bfe6d7361b1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 13:05:51 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 18:22:36 GMT
server: AmazonS3
age: 18119
etag: "e22f97bbd139f3db6233b2334e92572a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 369985
x-amz-cf-id: TSt3SspULaLsX2nuxYYUa3cCBX9WM1uHM95HijWTjQfdzUva_2v56A==
expires: Wed, 26 Oct 2022 18:22:34 GMT

GET
H2 200 pacheco-filia%C3%A7ao-psd-660x372.jpg
media.gazetadopovo.com.br/2021/10/27142653/ 31 KB
31 KB 34ms
16ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27142653/pacheco-filia%C3%A7ao-psd-660x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dca6610635582d2632c59786b84c0ee94299fe7bedb687f18211ce668dcef52d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:35:44 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 17:26:54 GMT
server: AmazonS3
age: 1926
etag: "e7966c10e01a0189c9909af00a58cf66"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 31379
x-amz-cf-id: a-2T-35_cvwsWpUQjCTq7tOa4AHv8QsVOfNroUxulkdJwU3_rGj2Ew==
expires: Thu, 27 Oct 2022 17:26:53 GMT

GET
H2 200 CPI-entrega-relatorio-960x540.jpg
media.gazetadopovo.com.br/2021/10/27142836/ 93 KB
94 KB 35ms
17ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27142836/CPI-entrega-relatorio-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8da8e52296676165c830e196e85d3d6e4afcde6b5b8a7c3f35aedbb23b6257e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:38:30 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 17:28:37 GMT
server: AmazonS3
age: 1759
etag: "0d6a123e9e2a805a343e0f87b630198f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 95310
x-amz-cf-id: wQHlrEfWSLeWu0NU_GjqYZD44U2t06Vk-cy42hMOf0gyUoqACWNHqQ==
expires: Thu, 27 Oct 2022 17:28:36 GMT

GET
H2 200 muriciosouza-660x372.jpg
media.gazetadopovo.com.br/2021/10/27093019/ 39 KB
40 KB 34ms
16ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27093019/muriciosouza-660x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99c8572c351b21a8fb0fb1b7b1b497933696b4790f1a2fc4767cec9511f23bd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 12:42:20 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 12:30:20 GMT
server: AmazonS3
age: 19530
etag: "415a5199c13335a372556bf4e90f684a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 40056
x-amz-cf-id: eC3i86vFl028ohmpSDpa0GvTsRJBWRGlqFEnJVILRFUFdVT7ag47pQ==
expires: Thu, 27 Oct 2022 12:30:19 GMT

GET
H2 200 Bolsoanro-380x214.jpg
media.gazetadopovo.com.br/2021/10/27114941/ 13 KB
13 KB 34ms
17ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27114941/Bolsoanro-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a240670c57ae687193af6c756203ee4c51051d11df0803f30508c28ea0e3fb21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 15:02:10 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 14:49:42 GMT
server: AmazonS3
age: 11140
etag: "0a3230da8c817712ee74900f7a2ce6cc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 13213
x-amz-cf-id: 59ayT4zDmHYznv3Ys5_KITB0_j58CQq8YcfI8I017YtS2s5B6nqkQA==
expires: Thu, 27 Oct 2022 14:49:41 GMT

GET
H/1.1 200
OK geolocalizacao.php Show response
apps.gazetadopovo.com.br/geolocalizacao/ 153 B
732 B 820ms
206ms XHR
application/json 54.233.124.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.gazetadopovo.com.br/geolocalizacao/geolocalizacao.php?inf=cidade
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.233.124.69 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-233-124-69.sa-east-1.compute.amazonaws.com
Software: Apache/2.4.10 (Amazon) PHP/5.4.37 / PHP/5.4.37
Resource Hash: 882564c4c16ddf59cda8f019560a6228f7fe189e6ac2613b942f7bc92ae1c85a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Oct 2021 18:11:11 GMT
Server: Apache/2.4.10 (Amazon) PHP/5.4.37
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Content-Length: 153
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 7C3F 1 KB
880 B 34ms
9ms Document
text/html 23.79.131.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.70 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-70.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

Accept-Ranges: bytes
Last-Modified: Fri, 30 Jul 2021 08:31:32 GMT
Server: AkamaiNetStorage
Content-Length: 510
Cache-Control: max-age=864000
Expires: Sat, 06 Nov 2021 18:07:49 GMT
Date: Wed, 27 Oct 2021 18:07:49 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 o-papo-e-48-o-esquema-da-venezuela-para-ajudar-cuba-kirchner-e-o-pt.json Show response
json.gazetadopovo.com.br/ideias/ 20 KB
5 KB 13ms
12ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/o-papo-e-48-o-esquema-da-venezuela-para-ajudar-cuba-kirchner-e-o-pt.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb91488ff052f3fdaa8520fce9f51a371fd1790b620ceea1048393db80faf7cc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8d302e0b889b8a8f3f134f6309abcc08"
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 14:39:47 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: OtJHsMH7jlBLfZfvGugRw8JmD0KHhTKPsyUTfzUfv1pHcsiwcVpZ3Q==

GET
H2 200 muriciosouza-214x214.jpg
media.gazetadopovo.com.br/2021/10/27093019/ 11 KB
12 KB 10ms
9ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27093019/muriciosouza-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c015e9896ef640d1df16bb9927f607d77748a6a02859a1409467523e92f9f651

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 13:12:41 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 12:30:21 GMT
server: AmazonS3
age: 17710
etag: "a8ad498458fc953f6df426dfcd661250"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 11429
x-amz-cf-id: prtL-np1_w8qUaf_FzPnS2b3sU2viHr4I-2VmvBcd13rDLHxKvXpdA==
expires: Thu, 27 Oct 2022 12:30:19 GMT

GET
H2 200 Bolsoanro-214x214.jpg
media.gazetadopovo.com.br/2021/10/27114941/ 8 KB
9 KB 12ms
11ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27114941/Bolsoanro-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2a2cf6048ef9775f728b175ded3fc929809a74aaddfcc9b2ebc93f24c7c6384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 15:20:14 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 14:49:43 GMT
server: AmazonS3
age: 10057
etag: "298a107e51f1b201e260cb1d81b7e59d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8518
x-amz-cf-id: BVL1iOsSyZ4t1DupM1so7Pl0v7MuLJF-GBHWJc6Jhv20OdWrVdUx9A==
expires: Thu, 27 Oct 2022 14:49:41 GMT

GET
H2 200 Frigorifico-Carne-Gado-Bovina-crop-20211026181809-214x214.jpg
media.gazetadopovo.com.br/2021/09/26152234/ 83 KB
83 KB 11ms
11ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/09/26152234/Frigorifico-Carne-Gado-Bovina-crop-20211026181809-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95a55e45359b8cf1d30f2f32ae9046cde607ecb2d4c4e595196a6d70c0b31c84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 14:22:22 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 18:22:36 GMT
server: AmazonS3
age: 13529
etag: "fef06dd76cdb95b822085162836f92c5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 84585
x-amz-cf-id: vNsF0ZRfQn8vEHUJKroL2TcBvMMMrwERjk2GEqOzWCGc7sVJpB0Dng==
expires: Wed, 26 Oct 2022 18:22:34 GMT

GET
H2 200 49700559368_3f095ed5dd_o-1-214x214.jpg
media.gazetadopovo.com.br/2021/10/27104701/ 12 KB
12 KB 12ms
12ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27104701/49700559368_3f095ed5dd_o-1-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86082aca02e82bf745c5f1f5e18fa7592796275f011ee6b213b7b0533415c4a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 15:35:23 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 13:47:03 GMT
server: AmazonS3
age: 9148
etag: "6f0d6424797a9d7eeb080eaeefb39648"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 11871
x-amz-cf-id: VoXkxC4G-69zoCkdkITK2hp8cZrg4mIvHXcKl_sTOZRSnqrmAepbkw==
expires: Thu, 27 Oct 2022 13:47:01 GMT

GET
H2 200 muriciosouza-380x214.jpg
media.gazetadopovo.com.br/2021/10/27093019/ 17 KB
18 KB 9ms
6ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27093019/muriciosouza-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e47b10908b862b2dcbbf45bae0577a92adbd0f561abb8c2ffd638f319223eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 12:39:27 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 12:30:20 GMT
server: AmazonS3
age: 19704
etag: "51190fa64a94db9d9251a848759a107d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 17577
x-amz-cf-id: xoiqfMHmOLme0YAD8YD2EOMkObykHG-rnkGIobVu3oCSg0jMeIiosA==
expires: Thu, 27 Oct 2022 12:30:19 GMT

GET
H2 200 8005188182001w-380x214.jpg
media.gazetadopovo.com.br/2021/10/25190027/ 14 KB
14 KB 10ms
7ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/25190027/8005188182001w-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545f595f2dfe627ebc65674ab5a2670731c66b192e65192d6387166cce8ecf6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 09:16:37 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 22:00:29 GMT
server: AmazonS3
age: 118274
etag: "d835c3d099bcadecb65218cd31d47236"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 14239
x-amz-cf-id: rcvjAXkjEm153vHc-lK1ybvxe-e9PP9w5Wptz0lSXIFnoR-688M7gg==
expires: Tue, 25 Oct 2022 22:00:27 GMT

GET
H2 200 livebolsonaro-380x214.jpg
media.gazetadopovo.com.br/2021/10/25085301/ 22 KB
23 KB 13ms
11ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/25085301/livebolsonaro-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7012d2c12a9eb74e7545d1d090ad0d40cf67b9c2f62221cef76a75ad97ecabc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:00:26 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 11:53:02 GMT
server: AmazonS3
age: 191245
etag: "262b2c992667ad51bdb7f12f16107e77"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 22858
x-amz-cf-id: 8pGNi2ow_ABhh-s8yp6ZRLqaGg1BAAWmFgQh0u0V4rUyQcl6zB4Azg==
expires: Tue, 25 Oct 2022 11:53:01 GMT

GET
H2 200 51615672053_2102c88392_k-380x214.jpg
media.gazetadopovo.com.br/2021/10/25204914/ 28 KB
29 KB 11ms
8ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/25204914/51615672053_2102c88392_k-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0030d033f241b8435ec583baaee9faf7cb962e96a74e9e496838befb4c7a619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 02:22:48 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 23:49:15 GMT
server: AmazonS3
age: 143103
etag: "0401e3f9be9f744010371fdfb93e1417"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 29167
x-amz-cf-id: LTh8IlvtZNlx6tiJ7uj5D8lKeev8rlO-zU8OqQUowPWtN_1A3-J5sw==
expires: Tue, 25 Oct 2022 23:49:14 GMT

GET
H2 200 Lu%C3%ADs-Felipe-Salom%C3%A3o-Lu%C3%ADs-Roberto-Barroso-no-TSE-380x214.jpg
media.gazetadopovo.com.br/2021/10/26220935/ 34 KB
34 KB 13ms
10ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/26220935/Lu%C3%ADs-Felipe-Salom%C3%A3o-Lu%C3%ADs-Roberto-Barroso-no-TSE-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847c1e544245da46758e637c6e8676d90f02919133c763f93d9e233d97cc94b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:33:48 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 01:09:36 GMT
server: AmazonS3
age: 59642
etag: "573e9e354c97fd021619fefea4b99571"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 34857
x-amz-cf-id: -VRVQlSKMnhqwAHy2MBhZ2WFwzHPbST6vs6A5AfK5nqDqH_fa1STcg==
expires: Thu, 27 Oct 2022 01:09:35 GMT

GET
H2 200 51629339108_e460ce9e1d_o-1-380x214.jpg
media.gazetadopovo.com.br/2021/10/26085049/ 18 KB
18 KB 13ms
11ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/26085049/51629339108_e460ce9e1d_o-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52b4c638e73a20f4947296d1c3145fa285c7cc2d0ed166f857f05ef24a7baa97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 11:59:37 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 11:50:50 GMT
server: AmazonS3
age: 108494
etag: "1f27f384a577ac726fd4192911633239"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 18400
x-amz-cf-id: r_Hb1zJiuxrlT9Vjk_wsCTq5KD36Ii20-_03YvsB376JmApxqeHLag==
expires: Wed, 26 Oct 2022 11:50:49 GMT

GET
H2 200 Spotify--3-380x214.png
media.gazetadopovo.com.br/2021/10/26163419/ 79 KB
80 KB 15ms
13ms Image
image/png 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/26163419/Spotify--3-380x214.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82a7381148f6fe9acffb752263f92066da278bd671eb620dcc54e9019c359a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:10:48 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 19:34:20 GMT
server: AmazonS3
age: 79023
etag: "7a1c3cd7eee8eeb01e9ab44245bde72e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 80950
x-amz-cf-id: Hbx4zFMvGqBUrWMC0IUffQ-M2nOFZ-59MM8KdboWAzXjxKowAdy4Rg==
expires: Wed, 26 Oct 2022 19:34:19 GMT

GET
H2 200 WhatsApp-Image-2021-10-23-at-17.24.59-380x214.jpeg
media.gazetadopovo.com.br/2021/10/23201920/ 23 KB
23 KB 14ms
12ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/23201920/WhatsApp-Image-2021-10-23-at-17.24.59-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 568d97c1bf323dee478c22c0082f55644bc7eb2aaba91f8b4f2e26dc8d2d6406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 23:29:35 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Sat, 23 Oct 2021 23:19:21 GMT
server: AmazonS3
age: 326296
etag: "6f99b7c96a092ba7fd2342a80e8263d6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 23631
x-amz-cf-id: IRZ8-6k_MKjlm22hFTaeajLtfK5rXOy7dmeb5KhnrxipbrSzpWSAFQ==
expires: Sun, 23 Oct 2022 23:19:20 GMT

GET
H2 200 49700559368_3f095ed5dd_o-1-380x214.jpg
media.gazetadopovo.com.br/2021/10/27104701/ 16 KB
16 KB 15ms
14ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/27104701/49700559368_3f095ed5dd_o-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f9000d4a9998f00d1e06594b284f0e0ca5d2d68b3d92a10185903cb644d8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 15:08:20 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 13:47:03 GMT
server: AmazonS3
age: 10771
etag: "19a56441ad3f7019bd25a9800ef3c61c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 16083
x-amz-cf-id: -cL7FsCsipZfj1HMtsqlfgpSvwkk4gFn-dUOYDhngZk-Xr4xugaOvA==
expires: Thu, 27 Oct 2022 13:47:01 GMT

GET
H2 200 5a0886d4-799c-11e9-82a9-00505697492c-wp-380x214.jpg
media.gazetadopovo.com.br/2021/10/26080200/ 27 KB
28 KB 15ms
14ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/26080200/5a0886d4-799c-11e9-82a9-00505697492c-wp-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a300db12275c3d223ad200b90c250265854336e8006718a3d2f79d5487f635e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:25:56 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 11:02:01 GMT
server: AmazonS3
age: 106915
etag: "9f84bff1025e02fbb9d52164d82eb6c1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 27981
x-amz-cf-id: bQyiCLVNu61lLQU3yFUy_hgsCzFjqNab4-lV6NWHeyOmno71xVvCMA==
expires: Wed, 26 Oct 2022 11:02:00 GMT

GET
H2 200 51609167430_5f2066dc50_b-380x214.jpg
media.gazetadopovo.com.br/2021/10/25163521/ 19 KB
19 KB 17ms
16ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/25163521/51609167430_5f2066dc50_b-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a43e3cf2259c50480fa45042d2df7b76f5da76e41e966fb11215f7345f37969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:25:14 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:22 GMT
server: AmazonS3
age: 78157
etag: "efeb971aec7444b30ed9573af613154e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 19136
x-amz-cf-id: fsJ4gZmK3V-G8lEJzx37DNO6_SMN9oijK8_K7h6je9q-2j-CdrlGqQ==
expires: Tue, 25 Oct 2022 19:35:21 GMT

GET
H2 200 terceira-via-reproducao-twitter-380x214.jpg
media.gazetadopovo.com.br/2021/09/17165135/ 17 KB
18 KB 17ms
16ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/09/17165135/terceira-via-reproducao-twitter-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dede76926400ad9a6d0e6af528690f407a1bc23666f873f81905cc8e513d5ee1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 19:04:51 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Fri, 17 Sep 2021 19:51:36 GMT
server: AmazonS3
age: 169380
etag: "6982bb11f629a1593b5fc0e21c1a9b6d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 17819
x-amz-cf-id: -3AZcMz3nSO2hBY2h4S80yZUm0TK95VHupqR3qurBwacSsuMqvxksA==
expires: Sat, 17 Sep 2022 19:51:35 GMT

GET
H2 200 renan-calheiros-foto-agencia-senado-380x214.jpg
media.gazetadopovo.com.br/2021/10/26193653/ 15 KB
16 KB 12ms
9ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/10/26193653/renan-calheiros-foto-agencia-senado-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 362368ae3d8f674f5a57b794e7c35f26b4957321720a05d4fe7f953e9c33a052

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 23:39:13 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 22:36:54 GMT
server: AmazonS3
age: 66517
etag: "c1478e03c7315da5665720845d35dc8f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 15783
x-amz-cf-id: EK1HNcYDoKiobQRzsNsJeMpopiRyOcTNLqx1cOxbhcEH-ew45SMH7A==
expires: Wed, 26 Oct 2022 22:36:53 GMT

GET
H2 200 5e356c30-00ed-11ea-9b35-f91c7685f855-wp-380x214.jpg
media.gazetadopovo.com.br/2020/05/22102623/ 24 KB
21 KB 11ms
10ms Image
image/jpeg 18.66.112.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/05/22102623/5e356c30-00ed-11ea-9b35-f91c7685f855-wp-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcfab3bc3c3228df88ef48cdc758856f3821b987f0720cfa608b541c175e0777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 20:19:09 GMT
content-encoding: gzip
last-modified: Fri, 22 May 2020 13:26:26 GMT
server: AmazonS3
age: 78522
etag: "9d3e603be99cd93f88357025d5d8b4ab"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 20900
x-amz-cf-id: fz592HWvMNnFXluPYFaJcOXxHlFGqZTWl6xD75kDeZbozxBVXk_Adw==
expires: Sat, 22 May 2021 13:26:23 GMT

GET
H3 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
19 KB 8ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:40:24 GMT
x-content-type-options: nosniff
age: 574046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19728
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 02:40:24 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 4D87 197 B
690 B 93ms
37ms Document
text/html 13.32.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-79.fra60.r.cloudfront.net
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Wed, 28 Apr 2021 17:51:02 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 27 Oct 2021 18:02:13 GMT
expires: Wed, 27 Oct 2021 18:12:10 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: f9lOhcn5kMCaE9auvRrNcAlsgrBeoDVAO9eiuKIEahYWVxi4RO1Umg==
age: 340

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 80ms
49ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c3fa8839a59dbe8cd66a9b913dbf9db6ef3dffd0e5fd60cf3e4444370a031e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1025 / 49 of 1000 / last-modified: 1635355591"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27207
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 18:07:50 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 108 KB
34 KB 1211ms
401ms Script
text/javascript 200.147.166.104
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.104 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: t.dynad.net
Software: D3-FE15 / DynAd.net
Resource Hash: 35843a0171ff7f2a8e44cb69f8056fbf8e3c1cacd14b47a7b9da96e44c51c572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:51 GMT
content-encoding: gzip
server: D3-FE15
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.545 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Wed, 27 Oct 2021 18:07:51 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
5 KB 27ms
18ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 13:45:52 GMT
akamai-grn: , 0.126d3717.1635358070.1988f8f1
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=1282
akamai-cache-status: Hit from child
server-timing: cdn-cache; desc=HIT, edge; dur=4
content-length: 5277

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 133 KB
17 KB 23ms
19ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 97666956e5e2edfb7808901e0069bed90df2996ff466b9d67de8f3efe9c8e56c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 23:36:09 GMT
akamai-grn: , , 0.126d3717.1635358070.1988f8f3
etag: 34e760100b26b8b0e005dfeb1ded6103
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3311
akamai-cache-status: Miss from child
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 17488

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 618ms
200ms Script
application/javascript 186.234.166.12
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 186.234.166.12 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:09:40 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Wed, 27 Oct 2021 19:07:50 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 8 KB
3 KB 20ms
18ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e19f257d48f64525d72a73ddd7981b9f2001c3a7381f24f699c270ed0e2fc27e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 15:34:16 GMT
akamai-grn: , 0.126d3717.1635358070.1988f8f4
etag: 9f16230163e51aa4f8a85d0515f28e7d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=2171
akamai-cache-status: Hit from child
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 2888

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 666ms
201ms Script
application/javascript 200.147.3.137
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 200.147.3.137 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-3-137-137.static.uol.com.br
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:50 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Wed, 27 Oct 2021 18:07:49 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 0F5B 213 B
701 B 15ms
15ms Document
text/html 13.32.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-79.fra60.r.cloudfront.net
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Wed, 28 Jul 2021 19:15:09 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 27 Oct 2021 18:02:13 GMT
expires: Wed, 27 Oct 2021 18:12:10 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 7tQplIqV9arhnQRQb5aaeikuTlBROa7dTJBzAYdCD7HdR57BsvH9NA==
age: 340

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame B866 213 B
699 B 16ms
15ms Document
text/html 13.32.99.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-79.fra60.r.cloudfront.net
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Wed, 28 Apr 2021 17:50:59 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 27 Oct 2021 18:02:13 GMT
expires: Wed, 27 Oct 2021 18:12:10 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: tiOHs4ZciAGsbFi01xw1iS9I4gc4k3QZadcc57qkhG9--qdCl8FcUQ==
age: 340

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 7C3F 116 KB
27 KB 77ms
77ms Script
application/x-javascript 23.79.131.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.70 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-70.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 12:43:03 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27751
Expires: Wed, 27 Oct 2021 19:07:50 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 4D87 4 KB
2 KB 8ms
8ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
akamai-grn: , , , 0.126d3717.1635358070.1988f997
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1065
last-modified: Fri, 07 May 2021 13:45:52 GMT
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=425
access-control-allow-credentials: true
akamai-cache-status: Hit from child
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H3 200 pubads_impl_2021102101.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 44ms
25ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122596
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 18:07:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
120 B 36ms
20ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
expires: Wed, 27 Oct 2021 18:07:50 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 0F5B 42 KB
9 KB 8ms
8ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
akamai-grn: , , 0.126d3717.1635358070.1988f9a2
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 8899
last-modified: Sat, 23 Oct 2021 15:09:44 GMT
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=1184
access-control-allow-credentials: true
akamai-cache-status: Hit from child
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame B866 42 KB
9 KB 12ms
11ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
akamai-grn: , , 0.126d3717.1635358070.1988f9a4
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 8899
last-modified: Sat, 23 Oct 2021 15:09:44 GMT
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=1184
access-control-allow-credentials: true
akamai-cache-status: Hit from child
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
501 B 123ms
106ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 20ms
19ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 17:51:10 GMT
akamai-grn: , , 0.126d3717.1635358070.1988f9dd
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3229
akamai-cache-status: Miss from child
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=1, origin; dur=238
content-length: 6125

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 7C3F 47 B
638 B 39ms
11ms Script
text/javascript 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 86f0ff1dcb2cc86bab41c5298f45934e7b7212512e02ca79fce721ba1c499df4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
last-modified: Tue, 27 Apr 2021 18:07:50 GMT
server: Jetty(9.4.28.v20200408)
etag: 1n3xubtap1w2r1f2wb169kc6q1
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Thu, 27 Oct 2022 18:07:50 GMT

GET
H2 200 / Show response
udr.uol.com.br/ 76 B
554 B 299ms
271ms Fetch
application/json 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/?scopes=base-assinantes,user-preferences
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: a7cb940837e732f8a394c3826f322d8815f2e8235e64235ca5aa81d466ae4337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA60-P1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-length: 76
x-amz-cf-id: p1ZjFf54kf-7s_fJc9xiavFazt8tuoFPvKn9xLLsLEq9LCtCFpHSUg==

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 15ms
14ms Script
application/javascript 23.55.110.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.18 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 00:30:40 GMT
akamai-grn: , , 0.126d3717.1635358070.1988fa0d
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=3213
akamai-cache-status: Miss from child
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 8357

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
477 B 107ms
106ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1|_channel:gazetadopovogeral:1&tK=1635358071&tM=referral&tL=referral&tN=referral&tY=3&tZ=581884101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
457 B 9ms
8ms Image
image/png 52.222.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-e3b8751ae34bd554558c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381463.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 22506586
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: vysaVw0IdkJPiR5hp5KswKD1Lg3kUwOfFp6HEdBiXv7Jnrw3ngC9sg==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 51ms
19ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 18:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 7C3F 43 B
468 B 38ms
13ms Image
image/gif 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kv9tywm1asbw3dfe&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&new=1&arf=0&ltm=1635358067353&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&tzo=0&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kv9tyyjisqf9adwp&ckp=kv9tyykyyvr63sbr&glb=&wsz=1600x1200&cp_gdp_user-state=unlogged&cst=1n3xubtap1w2r1f2wb169kc6q1
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 302ms
301ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833844748916699&correlator=1833970960121627&output=ldjh&impl=fifs&eid=31063275%2C31063313%2C31063224&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-2%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635357639&dt=1635358070707&dlt=1635358066956&idt=3624&frm=20&biw=1600&bih=1200&oid=2&adxs=241&adys=1801&adks=2044746413&ucis=1&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019788381.1635358067&ga_sid=1635358071&ga_hid=62327033&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a09e85b6e312ddf4e427f8ca7d9d19bbbc7c017a6062a76827cec302fa7f25e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11378
x-xss-protection: 0
google-lineitem-id: 5819289557
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368525870
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1843 6 KB
4 KB 70ms
19ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 18:07:50 GMT
expires: Thu, 27 Oct 2022 18:07:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 743ms
742ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833844748916699&correlator=1833970960121627&output=ldjh&impl=fifs&eid=31063275%2C31063313%2C31063224&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-3%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635357639&dt=1635358070718&dlt=1635358066956&idt=3624&frm=20&biw=1600&bih=1200&oid=2&adxs=241&adys=3601&adks=1274092523&ucis=2&ifi=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019788381.1635358067&ga_sid=1635358071&ga_hid=62327033&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b400103b8114517860a9643418c60aaf23c99e7824f108e26420017fa89177de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11394
x-xss-protection: 0
google-lineitem-id: 5819289557
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368525975
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 1045ms
1045ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833844748916699&correlator=1833970960121627&output=ldjh&impl=fifs&eid=31063275%2C31063313%2C31063224&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-4%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635357639&dt=1635358070723&dlt=1635358066956&idt=3624&frm=20&biw=1600&bih=1200&oid=2&adxs=241&adys=4330&adks=1274092522&ucis=3&ifi=3&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019788381.1635358067&ga_sid=1635358071&ga_hid=62327033&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e0bf750d3b2c04ef59f40ed9435e1aa96ef401618d5eaa07c1ea6685a1486a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10620
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1319ms
1319ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833844748916699&correlator=1833970960121627&output=ldjh&impl=fifs&eid=31063275%2C31063313%2C31063224&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C1190x150&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635357639&dt=1635358070727&dlt=1635358066956&idt=3624&frm=20&biw=1600&bih=1200&oid=2&adxs=205&adys=190&adks=1651446792&ucis=4&ifi=4&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=1190x0&ga_vid=2019788381.1635358067&ga_sid=1635358071&ga_hid=62327033&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4ac13ebe88bf3c5f61e2bef3633c08b43f9ef738e476663e8a80943905d4ad09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11553
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1567ms
1565ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3833844748916699&correlator=1833970960121627&output=ldjh&impl=fifs&eid=31063275%2C31063313%2C31063224&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-footer-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635357639&dt=1635358070743&dlt=1635358066956&idt=3624&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1190&adks=2713759382&ucis=5&ifi=5&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1148x-1&ga_vid=2019788381.1635358067&ga_sid=1635358071&ga_hid=62327033&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8cb068524690951fd4d8d53ad3fb0766489be980a9831272b9581502547f8490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11297
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 117 B
706 B 36ms
12ms Script
text/javascript 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kv9tyykyyvr63sbr%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221n3xubtap1w2r1f2wb169kc6q1%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221n3xubtap1w2r1f2wb169kc6q1%22%7D%5D%2C%22siteId%22%3A%221138596144857280556%22%2C%22location%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F%22%7D&callback=cXJsonpCBkv9tyz8petfcjndh

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.80.202.116.clients.your-server.de

Software

Jetty(9.4.28.v20200408) /

Resource Hash

c98d9904054377adfd1098364f5858c8da896b78b91069fa8311050dfd3c6486

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:50 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 117
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
150 B 103ms
102ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 1849a27073863e5a136f7f28500e2482a25f2f3cfe037ff2d2b5da03053e7857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 48fdb83bb80a4c279673ddeeb6ae1692ed0d4bd1617029795ecd63fb5c57449a
m.t.tailtarget.com/sync/TT-10162-1/ 43 B
138 B 104ms
102ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/48fdb83bb80a4c279673ddeeb6ae1692ed0d4bd1617029795ecd63fb5c57449a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: clear
content-length: 43

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
8ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 436
date: Wed, 27 Oct 2021 18:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19747
expires: Wed, 27 Oct 2021 20:00:34 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

6ms
6ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 13.32.121.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:53:33 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 859
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: l-PeimUanlW2FbJuwHjdDN-HPmGUPD0K9M_9Hyho1yCTLGZpThA92Q==

Redirect headers

date: Wed, 27 Oct 2021 18:07:50 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: etkw5wLwshUyiEJ30D7aRGOHlHdwHC487kKpnERRPdx2A1BTQsdedg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=62327033&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEALAAAAAG~&jid=676054064&gjid=2035362161&cid=2019788381.1635358067&tid=UA-97689914-251&_gid=129509643.1635358067&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=2019788381.1635358067&cd66=1635358070901.3al5ocbe&cd85=59e145a8-5c85-48fc-a1fb-d285959574b2&cd87=none&cd88=none&z=1234978935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 52ms
21ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

383423ebc7af812b7810df60473cf5e1d8699c80bb070cfac189c153a4d6e136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8620
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 23ms
23ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-97689914-251&cid=2019788381.1635358067&jid=676054064&gjid=2035362161&_gid=129509643.1635358067&_u=6GDAAEALAAAAAG~&z=1328752956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 18:07:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
338 B 10ms
9ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1635358071076&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: M973LvPy43vQaMKrZRlWyjB1jofrfn8gFgZOR-9gr0K0w_yq9lBaRA==
x-cache: Miss from cloudfront

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
30ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 27 Oct 2021 18:07:51 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
39ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-97689914-251&cid=2019788381.1635358067&jid=676054064&_u=6GDAAEALAAAAAG~&z=2121980303

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5D21 12 KB
5 KB 23ms
7ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 27 Oct 2021 17:31:05 GMT
expires: Thu, 27 Oct 2022 17:31:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2978 783 B
535 B 24ms
24ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

fcb07cdb8d4ce0197488603cdb503f41f574816ad578c1279f6c6f9e16fc38f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aT0fLG/GPYHTBOpVmM1xNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 27 Oct 2021 18:07:51 GMT
date: Wed, 27 Oct 2021 18:07:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-aT0fLG/GPYHTBOpVmM1xNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 b Show response
b.t.tailtarget.com/ 148 B
589 B 105ms
104ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007F76957961D406FF5902919D07&tX=b.52&tZ=19607749&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e394aefd31ae38b9af4250fc1904d3168422ab30316021ef28c277a8c9a7cf2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2978 0
0 99ms
78ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102101&jk=3833844748916699&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D21 35 KB
13 KB 33ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 09:25:50 GMT

GET
H2 200 jogador-de-volei-e-afastado-de-time-em-mg-apos-criticar-ativismo-lgbt.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 40 KB
7 KB 8ms
8ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/jogador-de-volei-e-afastado-de-time-em-mg-apos-criticar-ativismo-lgbt.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dc65c3007d1fe13b1f2858fe945ab09977bbdaa75d479f5611c1e167a66d60a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f2630488f2db6dc77e24444f6466c56c"
age: 171
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:12:21 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: aEJKOWl2gA4HDRyws59M4SQc42V_m8Gx6CAb7rju-6czqJb0fVY8-w==

GET
H2 200 e-uma-estatal-que-so-me-da-dor-de-cabeca-diz-bolsonaro-sobre-a-petrobras.json Show response
json.gazetadopovo.com.br/economia/breves/ 16 KB
4 KB 9ms
9ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/breves/e-uma-estatal-que-so-me-da-dor-de-cabeca-diz-bolsonaro-sobre-a-petrobras.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48e42f55b8ded967bc4c432c75beeef71233188073c7335413f8dec067395f21

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c95b848d98af83e32251892de26ffac2"
age: 171
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:05:11 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Eqnm7CVVyXTa4Q-C0aANA-z2qkK3jtqS84Xf2bxKbcO0uwxg23AMEg==

GET
H2 200 o-circo-sovietico-chega-ao-fim.json Show response
json.gazetadopovo.com.br/rodrigo-constantino/ 10 KB
3 KB 8ms
8ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/rodrigo-constantino/o-circo-sovietico-chega-ao-fim.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d3092d1870aed6d6d709a5bb1dc6b223d529fa70e69ff06ee2531b04474086d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"546e86cccfeab4ec5905c4fa386e9c35"
age: 171
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:19:34 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: qbwcLhvXMi_dT_sl0PsvR3PYhO_XPCPHD1yB3zVLnUBBP2hExuL0wA==

GET
H2 200 como-o-embargo-da-china-pode-ou-nao-aliviar-o-preco-da-carne-no-brasil.json Show response
json.gazetadopovo.com.br/economia/ 33 KB
9 KB 9ms
8ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/como-o-embargo-da-china-pode-ou-nao-aliviar-o-preco-da-carne-no-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e0827daff6d9baa80b02f8d0c386995493de951330be4e51074754b03a9f92b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3a37c48d3c6234bf0158f8676e70566d"
age: 171
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 14:32:28 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: bQIUjQ9RYqIJVjQhBuojzKS-Ie9toR80alD_cOeitJQN-VH-fhZPMw==

GET
H2 200 taxa-de-juros-pode-ter-a-maior-alta-desde-a-eleicao-de-lula-em-2002.json Show response
json.gazetadopovo.com.br/economia/ 29 KB
7 KB 9ms
8ms XHR
application/json 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/taxa-de-juros-pode-ter-a-maior-alta-desde-a-eleicao-de-lula-em-2002.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-19408c4dce627c3e9217.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed80f8b280b3966ae6ce418fa8d5342ac7cda41e5e77a9fb92034a8c1a878dbb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"bf31eb7e87530284cb8999f6905f7fdb"
age: 171
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 27 Oct 2021 15:15:14 GMT
server: AmazonS3
date: Wed, 27 Oct 2021 18:07:49 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 6fc439c8bc0a64a7ab978ce699795275.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: NmGk_1BJ1_EB4PTefU1lMaSZ8umzaUt3bHVJ-UMkSHKTZEcjG-vk0g==

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
339 B 106ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=492281386&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 776afdef9f5b543e25108a738e2664f0dfc2daf93f3636d85dd1bea2b3369033

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102101&jk=3833844748916699&bg=!dHeldzPNAAbUs_yW1LM7ACkAdvg8Wq896ywkvP38k_0jD7eCKm2xN024vrXoC7eedJ4fxMJ_6u-9pwIAAACaUgAAAA9oAQcKAFdxz29jP_vHnkCh0Ysl1sGdFhs-to5I-i_l7dCTIClvYLe6hEdqCuJHty7WsHOTaUBjmgOb4DPYEU2_-QWhXvMyGpq0MjZxYFA7Ay63JD8GUmkKIVr3BeuZAsxzbjauZoucFTLy17XWhZq8CVfPG2EmvVcjBOUb28XTuvHDgibb3nmbBUybHZgzoraIaG8uKTI7wFKlkMiILOUr61L_wAryV4ft34en5D7L5PKnBa5AY9xxf_ivmDafVLJrmK--jRs5ezLATCiN46tLtKVSU-lz822Iy2Ga1obzRSQ_yLuPwcVcca5olEwAjYrKrsxIeCpRkpmeBeHbj37qvhebpEdumoqV-nf85rf9cDezphd25mXByOsQhkDs9ngjKWSptqn1b4Un18zECfV3MAJO4hliCa2dQDi9FaNqqhXo3-JaHLa9Yue_X3igzPW_r3Xvh7yvUG2DRUYxFHqHy6N3uFy-zzzpm5PDo0AFQFLFzUVCBDnp4vKj3lYiYb59gwTVmcoL2urUoVtVx6Y-_IgADoC-m_VX54sbRFmgOxPXNq66T7skgU2tm-auxitWksfdrU2sorettVY-P2w8tholYFIs6AwRZ3-bbB_Gg4r5kOppP5hWSLb6OFLu0I1zHiRqjyTN0kngwslpr2BIGOHWsH5pzEuP_4vPq42UgT4yzskUROex_Ow8ONbQZaI0RuNGs8Cw8jgua_sdrC46NaztxllhE0N5m4lkR2649z5jcEFtlWN1Rnh_9lPDT3rtwCdxpnb5HLb_bsyzp3nlEhf772FWiU-OgYwooDXtdZqqKWv8LvowVtldtMwtIB0RwJUEa3uoZipqoeRbTMCNBklOM2y0HRkCv6r40-aC-smo0y9hMZRsfFTHawxmqTjSlJXt7nHo31AMDdBJKHq_OKfs_AIrlfnmNwdlfoHq1xrAZ6zH67znwB1WkKVmcJ5LaIo51rZ_2x4Q-i0hVD1aOoKeVSeRztfJwuTHfX3AFWFgHH_Ma2UN8UkjDwNjkWdKylfkOitAx62digcnpOliobREMVpRorcVXGwOUATfrdq_fC11tGSE6DOXvA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
265 B 103ms
102ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1635358071230_3632493285&tJ=&tQ=gazetadopovo,gazetadopovogeral&tU=0100007F76957961D406FF5902919D07&tX=b.52&tY=1&tZ=643350317
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:51 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame F507 6 KB
3 KB 693ms
194ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Wed, 27 Oct 2021 18:07:52 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Wed, 27 Oct 2021 19:07:52 GMT
pragma: cache
last-modified: Mon, 25 Oct 2021 15:37:01 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 315.000h
x-varnish: 22440852 65539
age: 181850
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame A3E1 53 KB
18 KB 882ms
386ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Wed, 27 Oct 2021 18:07:52 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Wed, 27 Oct 2021 19:07:52 GMT
pragma: cache
last-modified: Mon, 25 Oct 2021 15:37:01 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 296.000h
x-varnish: 23047285 65544
age: 181850
via: 1.1 varnish-v4
content-encoding: gzip

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=%E2%80%9CN%C3%A3o%20queremos%20vingan%C3%A7a%E2%80%9D%2C%20diz%20Omar%20Aziz%20ao%20entregar%20relat%C3%B3rio%20da%20CPI%20%C3%A0%20PGR&il1pi1id=344405e0-374f-11ec-ae72-6db6644812fd&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=1&z=1557432651

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Filiado%20ao%20PSD%20para%20disputar%20o%20Planalto%2C%20Pacheco%20nega%20que%20v%C3%A1%20prejudicar%20Bolsonar...&il1pi1id=781b9070-374b-11ec-9a7a-a91dd9f03339&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=2&z=427273128

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Aras%20recebe%20relat%C3%B3rio%20final%20da%20CPI%20e%20diz%20que%20comiss%C3%A3o%20j%C3%A1%20produziu%20resultados&il1pi1id=74507eb0-374b-11ec-9a7a-a91dd9f03339&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=3&z=1805202866

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Desemprego%20no%20Brasil%20cai%20para%2013%2C2%25%20no%20trimestre%20encerrado%20em%20agosto%2C%20diz%20IBGE&il1pi1id=1eacd6f0-3739-11ec-9408-2b2ff8ac3860&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=4&z=573766120

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Como%20o%20embargo%20da%20China%20pode%20(ou%20n%C3%A3o)%20aliviar%20o%20pre%C3%A7o%20da%20carne%20no%20Brasil&il1pi1id=ebdb53e0-3725-11ec-aad3-2d413ce4ef4d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=5&z=810985216

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Taxa%20de%20juros%20pode%20ter%20a%20maior%20alta%20desde%20a%20elei%C3%A7%C3%A3o%20de%20Lula%20em%202002&il1pi1id=1248df10-3736-11ec-8989-154f7f11e203&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=6&z=78258044

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Filiado%20ao%20PSD%20para%20disputar%20o%20Planalto%2C%20Pacheco%20nega%20que%20v%C3%A1%20prejudicar%20Bolsonaro%20no%20Senado&il1pi1id=781b9070-374b-11ec-9a7a-a91dd9f03339&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=7&z=393823301

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Aras%20recebe%20relat%C3%B3rio%20final%20da%20CPI%20e%20diz%20que%20comiss%C3%A3o%20j%C3%A1%20produziu%20resultados&il1pi1id=74507eb0-374b-11ec-9a7a-a91dd9f03339&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=8&z=258760814

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=%E2%80%9CN%C3%A3o%20queremos%20vingan%C3%A7a%E2%80%9D%2C%20diz%20Omar%20Aziz%20ao%20entregar%20relat%C3%B3rio%20da%20CPI%20%C3%A0%20PGR&il1pi1id=344405e0-374f-11ec-ae72-6db6644812fd&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=9&z=1887896856

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Jogador%20de%20v%C3%B4lei%20%C3%A9%20afastado%20de%20time%20em%20MG%20ap%C3%B3s%20criticar%20ativismo%20LGBT&il1pi1id=7859f5a0-3722-11ec-aad3-2d413ce4ef4d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=10&z=1711427936

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9C%C3%89%20uma%20estatal%20que%20s%C3%B3%20me%20d%C3%A1%20dor%20de%20cabe%C3%A7a%E2%80%9D%2C%20diz%20Bolsonaro%20sobre%20a%20Petrobras&il1pi1id=4d8f15e0-3735-11ec-8989-154f7f11e203&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=11&z=1912782621

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Opini%C3%A3o%20da%20Gazeta%3A%20A%20privatiza%C3%A7%C3%A3o%20da%20Petrobras%20%E2%80%9Cno%20radar%E2%80%9D&il1pi1id=3910dad0-368c-11ec-a537-d54d3cf1ff9d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=12&z=1696374703

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Revolu%C3%A7%C3%A3o%20dos%20Bichos%3A%20o%20cl%C3%A1ssico%20de%20George%20Orwell%20em%20uma%20edi%C3%A7%C3%A3o%20exclusiva%20da%20Gazeta%20do%20Povo&il1pi1id=27a98a33-28f5-4c7b-8ed7-2534b5591e1f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=13&z=2082445282

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Melhores%20experi%C3%AAncias%20de%20gastronomia%20no%20Castelo%20Saint%20Andrews%2C%20em%20Gramado&il1pi1id=3e239c80-f93b-11eb-bc29-9b9328871c03&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=castelo-saint-andrews&il1pi1ps=14&z=62669

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Querem%20calar%20Bolsonaro%2C%20mas%20Constitui%C3%A7%C3%A3o%20pro%C3%ADbe%20censura%20pr%C3%A9via&il1pi1id=25af89f0-36be-11ec-ab3f-5bf82d8d4429&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-garcia&il1pi1ps=15&z=1527021159

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20desmonte%20do%20Teto%20far%C3%A1%20o%20pa%C3%ADs%20lamber%20os%20ossos%20deixados%20pela%20infla%C3%A7%C3%A3o&il1pi1id=173caed0-3735-11ec-8989-154f7f11e203&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=guilherme-macalossi&il1pi1ps=16&z=1807112953

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20circo%20sovi%C3%A9tico%20chega%20ao%20fim!&il1pi1id=160f24f0-372d-11ec-b613-212f7b33f004&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=rodrigo-constantino&il1pi1ps=17&z=1848186335

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Papai%20Noel%20x%20Papai%20Marx%3A%20qual%20vencer%C3%A1%3F&il1pi1id=d1d82370-36bb-11ec-ab3f-5bf82d8d4429&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=daniel-lopez&il1pi1ps=18&z=1582236679

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20que%20faz%20e%20para%20que%20serve%20o%20Minist%C3%A9rio%20P%C3%BAblico&il1pi1id=4fd88b90-3683-11ec-beb7-01a501cf810e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=thamea-danelon&il1pi1ps=19&z=1557437945

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Andr%C3%A9%20Rebou%C3%A7as%3A%20o%20maior&il1pi1id=c5481c10-36c4-11ec-9b5a-fff684bf3147&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=paulo-cruz&il1pi1ps=20&z=501037383

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=CPI%20da%20Covid%20aprova%20relat%C3%B3rio%20de%20Renan%20Calheiros%2C%20com%2080%20indiciamentos%2C%20incluindo%20Bolsonaro&il1pi1id=e580a7f0-36b4-11ec-9024-f7b93ae0aceb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=21&z=749762103

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Relator%20v%C3%AA%20uso%20indevido%20do%20WhatsApp%20na%20campanha%2C%20mas%20vota%20contra%20cassa%C3%A7%C3%A3o%20de%20Bolsonaro&il1pi1id=262a3400-36c5-11ec-9b5a-fff684bf3147&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=22&z=428619085

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=A%20privatiza%C3%A7%C3%A3o%20da%20Petrobras%20%E2%80%9Cno%20radar%E2%80%9D&il1pi1id=3910dad0-368c-11ec-a537-d54d3cf1ff9d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=23&z=847281300

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Inspirado%20em%20JK%2C%20Pacheco%20veste%20figurino%20de%20conciliador%20em%20estrat%C3%A9gia%20para%20chegar%20ao%20Planalto&il1pi1id=8b34f590-369a-11ec-a8ba-8f453744807f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=24&z=972347047

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=N%C3%A3o%20%C3%A9%20s%C3%B3%20o%20Aux%C3%ADlio%20Brasil%3A%20o%20que%20a%20PEC%20dos%20precat%C3%B3rios%20pode%20bancar&il1pi1id=24457f5c-3ee9-40cb-a444-864e40a31f67&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=25&z=1081373055

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Desemprego%20no%20Brasil%20cai%20para%2013%2C2%25%20no%20trimestre%20encerrado%20em%20agosto%2C%20diz%20IBGE&il1pi1id=1eacd6f0-3739-11ec-9408-2b2ff8ac3860&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=26&z=1052106471

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=O%20que%20est%C3%A1%20em%20jogo%20no%20pedido%20de%20extradi%C3%A7%C3%A3o%20de%20Allan%20dos%20Santos&il1pi1id=6387d6f0-36b5-11ec-9024-f7b93ae0aceb&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=vida-e-cidadania&il1pi1ps=27&z=726492218

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=L%C3%ADder%20de%20gangue%20armada%20do%20Haiti%20bloqueia%20combust%C3%ADveis%20para%20exigir%20ren%C3%BAncia%20de%20premi%C3%AA&il1pi1id=daa714a0-3735-11ec-8989-154f7f11e203&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=28&z=1427486252

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Ideias%20%23210%20%E2%80%93%20Contos%20de%20fada%20para%20a%20gera%C3%A7%C3%A3o%20assustada&il1pi1id=6dece4d0-36a8-11ec-bf85-59e423c3594c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=29&z=1027651224

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=As%20100%20startups%20brasileiras%20mais%20atraentes%20para%20corpora%C3%A7%C3%B5es%20em%202021&il1pi1id=b33b1cc0-3697-11ec-944b-b9b7d0f35c96&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=gazz-conecta&il1pi1ps=30&z=1409812062

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Positivo%20aposta%20em%20smartphone%20chin%C3%AAs%20para%20aumentar%20vendas%20no%20segmento&il1pi1id=d2d57d80-372f-11ec-ad3a-9fc321c1e74b&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=parana-sa&il1pi1ps=31&z=921301079

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Ferramenta%20leva%20card%C3%A1pio%20e%20conta%20do%20restaurante%20para%20aplicativo%20no%20celular&il1pi1id=a26d7800-372a-11ec-90b1-ddbe9f737683&il1pi1pr=0.00&il1pi1br=bomgourmet-negocios&il1pi1ca=negocios-e-franquias&il1pi1ps=32&z=276828273

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Por%20palanque%20ao%20presidenci%C3%A1vel%20Moro%2C%20Podemos%20admite%20candidatura%20ao%20governo%20do%20Paran%C3%A1&il1pi1id=e575c4c0-36af-11ec-85cd-6160b4589549&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=roger-pereira&il1pi1ps=33&z=1563973426

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Em%20dia%20de%20posse%2C%20Movimento%20Pr%C3%B3-Paran%C3%A1%20%C3%A9%20destacado%20pelo%20governador%3A%20%E2%80%9Capaixonados%20pelo%20estado%E2%80%9D&il1pi1id=69807710-36b5-11ec-9024-f7b93ae0aceb&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=34&z=1909195007

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Com%20servi%C3%A7os%20aquecendo%2C%20Paran%C3%A1%20tem%20novo%20saldo%20positivo%20de%20empregos%20em%20setembro&il1pi1id=3af6e8d0-36a0-11ec-963e-d3dae92759ff&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=parana-sa&il1pi1ps=35&z=1830183128

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Revitaliza%C3%A7%C3%A3o%20da%20Orla%20de%20Matinhos%3A%20as%20obras%20e%20os%20prazos&il1pi1id=7a275e25-5407-475a-a211-8245571b6655&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=36&z=74006463

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Com%20demanda%20forte%2C%20Klabin%20reverte%20preju%C3%ADzo%20e%20lucra%20R%24%201%2C2%20bi%20no%20terceiro%20trimestre&il1pi1id=73f9be50-36aa-11ec-bf85-59e423c3594c&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=parana-sa&il1pi1ps=37&z=1731577637

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Golf%20residence%20em%20Foz%20do%20Igua%C3%A7u%20%C3%A9%20sin%C3%B4nimo%20de%20qualidade%20de%20vida&il1pi1id=9f47a560-fe9f-11eb-b1a3-9fb03dbb9a25&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=village-iguassu&il1pi1ps=38&z=1139547537

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Athletico%20encara%20o%20Flamengo%20no%20Rio%20para%20voltar%20%C3%A0%20final%20da%20Copa%20do%20Brasil&il1pi1id=04acfffc-fa23-465d-a755-eb5f31b14feb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=39&z=184531611

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Dinheiro%2C%20bicampeonato%2C%20revanche%3A%20o%20que%20est%C3%A1%20em%20jogo%20para%20o%20Athletico%20contra%20o%20Flamengo&il1pi1id=2b4dfcd4-e748-4a93-bd7a-69c6b889be5b&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=40&z=1496525412

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Contra%20o%20Flamengo%2C%20Furac%C3%A3o%20n%C3%A3o%20%C3%A9%20franco%20atirador&il1pi1id=72572b80-36a2-11ec-963e-d3dae92759ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=41&z=1754790889

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Com%20dois%20titulares%20de%202019%20remanescentes%2C%20Athletico%20busca%20repetir%20hist%C3%B3ria%20no%20Maracan%C3%A3&il1pi1id=1916a370-35cb-11ec-80e9-b3a79f999874&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=42&z=854021758

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Coritiba%20empata%20em%20Macei%C3%B3.%20E%20j%C3%A1%20pode%20marcar%20o%20dia%20da%20volta&il1pi1id=23737ca0-36be-11ec-ab3f-5bf82d8d4429&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=43&z=632993703

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Luiz%C3%A3o%20assina%20renova%C3%A7%C3%A3o%20com%20o%20Coritiba%3A%20%E2%80%9CFeliz%20e%20motivado%E2%80%9D&il1pi1id=8dd9ee20-36ab-11ec-bf85-59e423c3594c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=44&z=1734007885

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=3%20novos%20edif%C3%ADcios%20em%20Curitiba%20com%20projetos%20elegantes%20e%20contempor%C3%A2neos&il1pi1id=bd99e270-3721-11ec-aad3-2d413ce4ef4d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=2021&il1pi1ps=45&z=689345534

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Rede%20Cin%C3%A9polis%20promove%20sess%C3%A3o%20com%20ingresso%20a%20R%24%2010%20nesta%20quarta-feira&il1pi1id=e92eda50-369d-11ec-a8ba-8f453744807f&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=cultura-pino&il1pi1ps=46&z=314273589

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Invas%C3%A3o%20hacker%20revela%20como%20Maduro%20acolhe%20e%20protege%20integrantes%20do%20Hezbollah&il1pi1id=b2cb87b0-36bb-11ec-ab3f-5bf82d8d4429&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=47&z=1336006766

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Maduro%20critica%20declara%C3%A7%C3%B5es%20sobre%20vacina%20e%20chama%20Bolsonaro%20de%20imbecil&il1pi1id=26d40f50-3717-11ec-801f-6978c1541682&il1pi1pr=0.00&il1pi1br=mundo&il1pi1ca=republica&il1pi1ps=48&z=1855269286

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Com%20direitos%20pol%C3%ADticos%20cassados%2C%20Eduardo%20Cunha%20diz%20que%20ser%C3%A1%20candidato%20em%202022&il1pi1id=7a39aac0-3725-11ec-aad3-2d413ce4ef4d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=49&z=764976741

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=PL%20amea%C3%A7a%20romper%20com%20o%20governo%20se%20Bolsonaro%20n%C3%A3o%20se%20filiar%20ao%20partido%2C%20diz%20jornal&il1pi1id=494d9310-371e-11ec-a1a4-214059512beb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=50&z=2074085426

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Executivos%20do%20YouTube%2C%20TikTok%20e%20Snapchat%20desconversam%20sobre%20mudan%C3%A7as%20na%20legisla%C3%A7%C3%A3o&il1pi1id=8fe9f550-369e-11ec-a8ba-8f453744807f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=51&z=1178472209

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Juiz%20decide%20que%20jornalista%20n%C3%A3o%20pode%20publicar%20v%C3%ADdeos%20no%20YouTube%20com%20dados%20que%20contrariem%20a%20OMS&il1pi1id=43317290-36b4-11ec-9024-f7b93ae0aceb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=52&z=476694094

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
32ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=H%C3%A1%2020%20anos%2C%20%E2%80%9CCareca%20do%20Talco%E2%80%9D%20ressuscitou&il1pi1id=560828b0-371c-11ec-ab52-41fccbe5b23a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=53&z=232523398

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Covid-19%3A%20casos%2C%20mortes%20e%20m%C3%A9dias%20do%20Brasil%20e%20do%20mundo&il1pi1id=013f1574-fc04-4c04-b552-6fecc79dfe88&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=54&z=1661112213

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=A%20press%C3%A3o%20por%20pensamento%20%C3%BAnico%20na%20direita%2C%20parte%201&il1pi1id=b0a1d670-36a6-11ec-9280-11ae20d4dd0c&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=bruna-frascolla&il1pi1ps=55&z=771667213

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Netflix%20d%C3%A1%20apoio%20a%20Chappelle%2C%20mas%20ainda%20rejeita%20os%20conservadores&il1pi1id=81a21380-36a1-11ec-963e-d3dae92759ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=56&z=831166378

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Biologia%20%C3%A9%20a%20melhor%20explica%C3%A7%C3%A3o%20para%20diferen%C3%A7as%20de%20escolha%20de%20carreira%20entre%20homens%20e%20mulheres&il1pi1id=60dcc720-35e4-11ec-a1a1-5f408d6eb888&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=57&z=2140699835

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Big%20Brother%20Comunista%3A%20Nem%20dentro%20de%20casa%20uigures%20escapam%20de%20repress%C3%A3o%20da%20ditadura%20chinesa&il1pi1id=81f2e500-3514-11ec-b579-75450807036d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=58&z=291161595

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=5%20sinais%20de%20que%20a%20crian%C3%A7a%20precisa%20de%20apoio%20psicol%C3%B3gico&il1pi1id=e11a4df0-366f-11ec-a75d-03458fd73320&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=pais-e-filhos&il1pi1ps=59&z=1110197107

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Decora%C3%A7%C3%A3o%20para%20o%20Halloween%3A%20inspire-se%20nestas%20sugest%C3%B5es%20e%20prepare%20a%20sua!&il1pi1id=caf077c0-3660-11ec-997a-c5f12a7e97e6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=decoracao&il1pi1ps=60&z=474824

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=O%20que%20ensinar%20a%20crian%C3%A7as%20e%20adolescentes%20quando%20eles%20nos%20veem%20perder%20a%20calma&il1pi1id=66a5f260-365e-11ec-997a-c5f12a7e97e6&il1pi1pr=0.00&il1pi1br=comportamento&il1pi1ca=pais-e-filhos&il1pi1ps=61&z=509037973

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
33ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=O%20que%20faz%20a%20pasta%20de%20amendoim%20ser%20t%C3%A3o%20recomendada%20por%20nutricionistas&il1pi1id=649beff4-ad02-4667-bbd9-bc08df3782ef&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=62&z=1057553486

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=O%20que%20muda%20na%20elei%C3%A7%C3%A3o%20de%202022%20com%20Moro%20candidato%20%C3%A0%20Presid%C3%AAncia&il1pi1id=00a9c390-3697-11ec-944b-b9b7d0f35c96&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=63&z=1686092945

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Investigados%20na%20Lava%20Jato%20ensaiam%20retorno%20%C3%A0%20cena%20pol%C3%ADtica%20nas%20elei%C3%A7%C3%B5es%202022&il1pi1id=aa0bed50-35d4-11ec-a387-bfee51d84ab5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=64&z=1133191905

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=O%20esquema%20da%20Venezuela%20para%20ajudar%20Cuba%2C%20Kirchner%20e%20o%20PT&il1pi1id=81711b60-34d3-11ec-b544-73df9435f86d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=65&z=1867331375

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=%E2%80%9CAux%C3%ADlio%20diesel%E2%80%9D%20anunciado%20por%20Bolsonaro%20n%C3%A3o%20sensibiliza%20caminhoneiros%3B%20entenda&il1pi1id=b6824270-336b-11ec-a53b-f98eccf150e0&il1pi1pr=0.00&il1pi1br=economia&il1pi1ca=republica&il1pi1ps=66&z=8213449

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=O%20comediante%20que%20destruiu%20a%20ideologia%20de%20g%C3%AAnero%20com%20muito%20bom%20humor&il1pi1id=b2bddcc0-3281-11ec-b893-bfc38ec2d0de&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=67&z=130870473

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=General%20Augusto%20Heleno%3A%20%E2%80%9CPor%20que%20o%20crime%20de%20opini%C3%A3o%20s%C3%B3%20vale%20para%20um%20lado%3F%E2%80%9D&il1pi1id=b197edc0-35cb-11ec-80e9-b3a79f999874&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=leda-nagle&il1pi1ps=68&z=2001131825

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Hora%20do%20Strike%3A%20depois%20de%20Trump%2C%20%E2%80%9Cbig%20techs%E2%80%9D%20decidem%20promover%20censura%20a%20Bolsonaro&il1pi1id=3ab7ddb0-35d4-11ec-a387-bfee51d84ab5&il1pi1pr=0.00&il1pi1br=vida-e-cidadania&il1pi1ca=cristina-graeml&il1pi1ps=69&z=1422788651

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Assista%20ao%20Polzo%20Show%20%2310%20%E2%80%93%20Bolsonaro%20malvad%C3%A3o%2C%20mas%20sem%20corrup%C3%A7%C3%A3o%3A%20par%C3%B3dia%20da%20CPI&il1pi1id=e8dd7540-31d7-11ec-90a3-a391a2b5e116&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=70&z=312379638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Josias%20Te%C3%B3filo%20revela%2C%20em%20document%C3%A1rio%2C%20como%20surgiu%20a%20nova%20direita%20no%20Brasil&il1pi1id=39b10e60-329a-11ec-926a-250caa2d29ce&il1pi1pr=0.00&il1pi1br=vida-e-cidadania&il1pi1ca=cristina-graeml&il1pi1ps=71&z=1856267251

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Jogador%20de%20v%C3%B4lei%20%C3%A9%20afastado%20de%20time%20em%20MG%20ap%C3%B3s%20criticar%20ativismo%20LGBT&il1pi1id=7859f5a0-3722-11ec-aad3-2d413ce4ef4d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=72&z=747975543

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
34ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=%E2%80%9C%C3%89%20uma%20estatal%20que%20s%C3%B3%20me%20d%C3%A1%20dor%20de%20cabe%C3%A7a%E2%80%9D%2C%20diz%20Bolsonaro%20sobre%20a%20Petrobras&il1pi1id=4d8f15e0-3735-11ec-8989-154f7f11e203&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=73&z=184410690

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=O%20circo%20sovi%C3%A9tico%20chega%20ao%20fim!&il1pi1id=160f24f0-372d-11ec-b613-212f7b33f004&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=rodrigo-constantino&il1pi1ps=74&z=1985842567

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Como%20o%20embargo%20da%20China%20pode%20(ou%20n%C3%A3o)%20aliviar%20o%20pre%C3%A7o%20da%20carne%20no%20Brasil&il1pi1id=ebdb53e0-3725-11ec-aad3-2d413ce4ef4d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=75&z=1293775221

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Taxa%20de%20juros%20pode%20ter%20a%20maior%20alta%20desde%20a%20elei%C3%A7%C3%A3o%20de%20Lula%20em%202002&il1pi1id=1248df10-3736-11ec-8989-154f7f11e203&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=76&z=164094337

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Relator%20v%C3%AA%20uso%20indevido%20do%20WhatsApp%20na%20campanha%2C%20mas%20vota%20contra%20cassa%C3%A7%C3%A3o%20de%20Bolsonaro&il1pi1id=262a3400-36c5-11ec-9b5a-fff684bf3147&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=77&z=1688389019

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
35ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=CPI%20da%20Covid%20aprova%20relat%C3%B3rio%20de%20Renan%20Calheiros%2C%20com%2080%20indiciamentos%2C%20incluindo%20Bolsonaro&il1pi1id=e580a7f0-36b4-11ec-9024-f7b93ae0aceb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=78&z=106798745

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
40ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=A%C3%A7%C3%B5es%20do%20PT%20para%20cassar%20Bolsonaro%20v%C3%A3o%20a%20julgamento%20no%20TSE.%20Quais%20as%20chances%20de%20condena%C3%A7%C3%A3o&il1pi1id=96870a80-35e8-11ec-a12f-298e11836cc7&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=79&z=344347582

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
41ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Quem%20%C3%A9%20Alexandre%20Cordeiro%2C%20afilhado%20do%20Centr%C3%A3o%20cotado%20ao%20STF%20caso%20Senado%20rejeite%20Mendon%C3%A7a&il1pi1id=812595c0-35cb-11ec-80e9-b3a79f999874&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=80&z=447614402

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE8F 6 KB
3 KB 22ms
6ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 18:07:50 GMT
expires: Thu, 27 Oct 2022 18:07:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E93 6 KB
3 KB 7ms
6ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 18:07:50 GMT
expires: Thu, 27 Oct 2022 18:07:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=CPI%20da%20Covid%20aprova%20relat%C3%B3rio%20de%20Renan%20Calheiros%2C%20com%2080%20indiciamentos%2C%20incluindo%20Bolsonaro&il1pi1id=e580a7f0-36b4-11ec-9024-f7b93ae0aceb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=81&z=1429838679

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Relator%20v%C3%AA%20uso%20indevido%20do%20WhatsApp%20na%20campanha%2C%20mas%20vota%20contra%20cassa%C3%A7%C3%A3o%20de%20Bolsonaro&il1pi1id=262a3400-36c5-11ec-9b5a-fff684bf3147&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=82&z=1002665545

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=A%20privatiza%C3%A7%C3%A3o%20da%20Petrobras%20%E2%80%9Cno%20radar%E2%80%9D&il1pi1id=3910dad0-368c-11ec-a537-d54d3cf1ff9d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=83&z=1044159550

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=62327033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-us.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GDAgEALAAAAAG~&jid=&gjid=&cid=2019788381.1635358067&uid=&tid=UA-23088598-1&_gid=129509643.1635358067&gtm=2wg9t0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Inspirado%20em%20JK%2C%20Pacheco%20veste%20figurino%20de%20conciliador%20em%20estrat%C3%A9gia%20para%20chegar%20ao%20Planalto&il1pi1id=8b34f590-369a-11ec-a8ba-8f453744807f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=84&z=2005522501

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 23:38:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A3E1 370 KB
123 KB 30ms
29ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125402
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Wed, 27 Oct 2021 18:07:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 87ED 640 B
316 B 58ms
36ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXuKRCk7ikYv7_4rAEwAQ&v=APEucNVtC3YoCuKQI2gJa-5PydNtaQpd2yKDKo6ufURB8L9Tp64vTT9SEhHPHZQth21gZNhCcjodyJHkbiE3vKIGAyOy8gQkAQ

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 18:07:53 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EE8F 12 KB
9 KB 70ms
49ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ69MQeYvzgu7GQFaJyX12cA2P_3Jd-TVp0loPMRdybmRIVoRjHukIbuuIdHHXEyO8MqE181bnaqY48W9LRyM9ssLSopcWh8f2uWnZxIisK8h2QqviI11CbTs6fY6q8UDlbM9HNtoOF-PYDBgTeAo9BpjCag&dbm_d=AKAmf-D1GwhaKTWiYsx3D_z5-wxsB4lOAd_9NqYwDBc_ejx20GPWglJYD5cJnqU9eWMThHEmQGIepV-DC-_RYnkMn5xuqCva8JdG1nEj_Cms8QHGhsu8C47T_m4zwlNcZZEPmgrYHTKqsnpMQ3hMecVCx9rtbsIaaDxMk2JLOAO8NjY7-BFzQZx-sQCOzKYgfXSugfmuph6jNlJ8Y5terqLtD4Pdr1d1yyuAOfWb8Lissv0Tq6cXHm9kwAPOY2EdRflhwcaOeC-tyIdBTi0UCBjyPRjwufW89pGuX8UPs5WScEV6G5unwTlmJNdoNIbVrfBw3k3n7Uyx5zFbL2Uc-eEfiuuOw9PI0cWJKrfwGCxpRDwegeQvfXIZnzhLKjsbP8MikDy3D3PTA7ZB8Lsp9xwqTpm_3BMbXnkWhVjF-FETK3Zo5Xtkg19pz1Ji1LecXjWv9-yVdRNt2sPZpCHnOM2Z40w1b3jCYyzox6BfAQuMkGNH1_hPr-dEcC0a8UKk6hs7c0FcayfAuwV1Yy4BRbDTcLN1ENbos4dYHWzFkDKhjwg6rVjLmC4kM36LlPD-6PiRoFlM8w0CetUW9ryATzPA68GSwsSeo6mlR4Hx45e-MAGbtUZW8MnnEmrPAmxanyOgyTCmwQUga_-cs3n6Q0VhwKW36ivD8aMYXUNpxBO0Tfg7LE-lPRp0Qb8Cu93sirqylQmivgyLa34QjEmHZyrdrA2lv7kTOIEfRUvHFGo8zExf16O1dEqi1-EpYYYU1512bka-4IOWe7BQGAvviAsykUSL8fTtnmXHo69buJD3OlchNZqzwFmQFVRMLDrVr6peLYOFZmEFirgutvBKmEtQvTH-yE34fl_zvH-GIpn4DuBQjVtXdQx9MEm7g2RJHEaXHWKbY4gdS28EixCK9vadjx4lTOeuKHE_8QeGdmUMGzJYxrx11RtV3snZkwDXmpFBr4OnYDppfOJguvORi06jFGBp-mlLsdjUnKo5jZNkt25rXgJuDCE_UCU94FA3H_TKY6RULGOtVmjja9u__rBRDX7lpaWTPrZdZ3Ck86j39hiLPFQ-9QKmFBhlIPXeJrJBNEYrfXwu1roHGQf8DJAsBmTIjA6NxTtes0VW-1pgsioEG_G-_4dquA2QfNhLfvnXnH2HnR3kDQImOMwnMNlODAAmizm2zWQR9MiWCzIdJmwcL0ucDcuRZ91BP2REh2G2mEnVvDVW26fme0cE5AvI7SVSHkLCL1eYWsCBL0O-_yOqO7sHiGtv-7aYCqmvnKN06VKf_4bjJ3OxGB0q7NsytpU1tn72D-u_mrh6fZ622UmpRESU25GkHhuyrjZuy5jTa5gG0SZmSBwllBmHMgFyw0AopLodQ1blUlMyTGMpYWi11squhn1N-vHUB90gFrBEkjOP4koRhvgY-whIiM31W-wUdETSfspfnNkKt-1a04FS00jLoUJqlr1W_N5X7hYOEvuFwNwd2l8jye-IkWJaRmMC_lu0K8jKPBP88C36rxvLSTkBHZkqPBhgjM3GvKO3AXGckoL3OjYQy3LJIlcAjEqg9rJhr7hmKRj6Synfl6gUl_VMsUbah56hjLl0_wmODIbcmOHz4dedVZpnJtU6iaRze--3FA8pPUADS7d2_JNhFDL1ej7jPchlwQcZnm51dN5BdasbCt7QFPPIXhklaWgU7CzNj3ziY4fRbqTAoRumyIKWuWu25pm-tYi1JiYCSGiOh0QGrtyrDGbaGcnSOYQJacUPl5NIvwI5cdy-qA4e97sEvv1j8MtzQfbm6FYZ5rvNNrLPyrNId4qtsYoWs8spgvnY0oKkNJBZDmCZW9aeFhr83_NefGmFHyuJElxhek6PZRi9JREREP-R5EGm_Ph5JxJaGmMVSYHvRP8UyBo6DVrcW9q_xs4AmDmd5JFi-vlOuQDVRVC1ZZABmVBLnaMc6KWIs8SbTVrJDg8FkBtI-8ClJfCyqRPVUESfiXzFsu7I27oVIrQ4t2q_sZcTxH1NTWXgA2Z6lHwZ4yyKYv5ECuNjx7Vo8ZQ2NdFzV54s03pVehAr46WbHQEtz5OnYFwGiN2uq3Jx-fjRoO_0NKCih1RIsa32lf66HfaGTYqfRR__LapqSVOUEVapBaqEArLFIgkdEYaz3_F0VcsUv1z8GRRE8qKwc5hV0pS_0RtXv8fG3EsLje1qKMn0_9S7Egm467FUZ4lT6KFIuQPazkK9gN5zbKmVV64OshYGhyjxbBWBC-4RM6sthCaimBrWoaZngDKueiNn9O34sRWUffikNZOpMRmvH43pDhXDIwd1PcJlcTkUnl40nv06Bl952JJ4-X9eRa8saEhbvOxto6_OGQisyexBtsAxY98QtR9m33x5qmX1pgYSRQNDxwg0pn3l12d1pwPJZ_CMtwAs2Mp6svP3yt5hEKBnMqgGuBL5I6dTJe9yquGrMXRncnW_9DMcLyBmgZUt6dVunWLxms0hZSefBJS8BxZphTFiIF5h8CzlBDHU-ZuptWmTj-thFiiK9EVnhNXVVv1RyyBk4AdtiOLZ-8X4gp0F-j1dyDd3YSaJ8s0x0IBCs-Ogl_OjZTJ58E8aMxgFaYULG8cBzQBcxodLdEVSeoqOlPTK483UOI9mynu5lBRZxrlJ6KdvjJUJOBy9-7g5MNBQyA0VE9JaLGHB_Two2FcMi8a9Ue_ocNhBi9Y_rmtuk9G_FSKqxPYsJzN2wQV7FaAdOQZK250Qld2Y7kbqqVlTDL7160bISyGkkAXCqQiWHajuQFEVWPOEU3b1a2puczEuaVPyrlOX0awNVFU&cid=CAASEuRoP-nR9Yv0kuQNJ4FONgAaMQ&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

24fa50a9f25c4044f2827b43785231eb00e731b6d1c26b8ef8fbb7a5b5146c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8788
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE8F 42 B
63 B 49ms
49ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cs-REKGZjC6pIH3NBDk2hQTd1NLbBSeVs8BNKyOeRwWBUOAZnxcudddbwgMIWrXoW_E_TON3PBGeXKALi6KZuqtRaW_okHlg6KILCtnohVeDyXXtY

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/742748/55595045/xbbe/creative/ Frame EE8F 236 KB
79 KB 142ms
60ms Script
application/javascript 52.30.120.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/742748/55595045/xbbe/creative/adj?p=APEucNVPz8CN75D5R9GMoYvxbIaZ4ZTvyftMwQImMJumAT39eMNk0tM&d=CnkAoCZ_4Pt1ljg2MibdcNblPeq1O5H1BgF_d7mwCBjqnlU8blJWsONGEFRv_ruitJBsLrlvNrWn-tdMPZpAN8eNuNTYN_kao7xi-U-MYi4W3fdxJGvGEe2jYVFKVL06aabYRDenB_cPFqHR191mi4VRcXXGBiJGYDPGEtkSAKAmf-CM1Up5_EW4lHqZP17qKn-NNoIvmHKM3_gAS8v6ErB9fls57QpCf9aDtDqvML4WTPfRvicLijqAzjVHYRzXBuiBW1fjSU-BBTTkvOE-z4isCtNlLTkQo7MoKyjAevaUKXh6SCeEYk9tPWyP1clsx3hCTRPufF2GU1QFN2a1tQk8NxO0hHg3acdo-B7Cm5NgdJmtu1WNPRMOEYOiODXwuG2sndwap4CyHGl3nEiEf9vViZZqZ3yDiEl1cZuZRw1LcTrpqqf9lii4tPqy7wmFT0BFZxTrGoantbzOVa18A328XDzm3CVqwGXpQ-y9jL6kbIrQzzQQmia0ntxN__A7CS9-5hMdrhoKqnaudZflZJ0dAYUtBGXrSwDo4CafaL0RjeYKQ3VQ0h0wc4npty8ljgQvAKuiM9WRHgQ8gDDqgm7GUomLxK2-SjMLRPWj16wI-HygB1SibMdmtm2yksi_9YS0D2IpMLIihCJrZ1hBp6rSos8qtcUC0xlLN0iCik_RFtFrKINkH10UIV24__U88TJ62qTXVPMpepyHiBSs3XvP1_46uHAOQOvFWNSmG1rb02jU6Rytww0n_3dihB9r43UdeK5iivXRNQl6oxAAwDrtVzVBmKNA6L1EaM6u5YWnbJbjvvKv01XxDLsmQAHYZxNA0oRiuATGUUTpTMaVwWTJg5N24YjbhG-vfOcs1kTWR46ab7VVMDafAbxp5IjROGSdHhwu2o3u7tHz8149pHgeB1xmSg4m1z9mnGPvFUyzZcZ_XpKSGaIhvjqhGrN69sYjhTTem2cDKjU6q_lclFjL0rV7vbyX_4FP-r7XK6jR54zUWRURdmx_-RIU0ERkbQx3UD5XbQat135M5EHOOXXqhLP9JoJV2mTJQf5EZmTOjXYgphIQg_2uDjYRX9UBtUfQtzxPxQIJaHPSTqc199gDV6VPtQy3U2g8-3saphzKfHwlO4Q64yr-lz7Xh1-ox8z_hdk97rD-SRof-cC1jGOfaQ-TmfiXHX-2qEZeszT1dqBUrb6HTLxungxIxCqBZ65hHJbcJ1ym4k2vvwWXGbm5EFRFkA_ZpvPnsMDh3WkeCZKQAbj5H1qCjmI_WbulCK20k3bcPmuL0yoS4yFxjH1sZ3zx6TuMjm2EDWxbT3MIkSd9WLZgCobv-no2eFyCFZHu1a7LIEBMhUD2TSxEyh4LZUNUXUMxkjuNHNKPq1SXZB8vQ9BfxltLIu5btGihts0GxsjOwVfkw7MujkmSKUx6xYeNbX8z4jK5LoJzIx008QqJsqowntLgZNVukdQZlUTcFekPqdMcLqD-eBwwOuU7HLWy-z1R2O7N8RMC9NrD6Nra9KdJarMO76XGWdw1vIEUqnsxjQatzRUWFSqzJNzIp53fRbrQiTZH8EHUB7EDAm3TtDyPKan9SSaxcdtUDDE-jeIhzG1Fc2Jp7Umv11dWBaLdtLeiL8kALJc7aONzfANc1r0Dq80d-WiqzuJY1SMIeMgT44jrcuyOAwDqNpVSWs3CFNtT-Owu3O2510ZNgMWO2jTBPofw5CiLgxYYxt5mkpIM9ef9G0XWGwQxEEYaz9D-ALDgs7PMj0YeASNCl3Zgp1otZHnKmovPNXpUBrgWTtToSvK1K-aCnP5v_89AEf_4K549ov-tdMKiOv5ZS9IWSM8W27a0Mlf8LANDzqSfBc32-rvld9M6sgoGXhPtOdsFm1GM5d71yexBgvlNpf69nnDt7hgeE_utGYvoQE-QTLQy6sBHS6Nkw40R5YvORj2yg5SgQRMmfK7E2oiNKfehdita2QqbmcpU8tqXFPSSLAy_nUpidqu5i9rQLBsVMAg5DTf1on4ZW-Q_ML83nzOIfJWB4RNp4P182Ch4Wn8v3WXGJsw-1LfMRVD5sKnQGYV8ukOP0yUngv0jjHAI5P5SFduv8P76ldC9WdyVdJg7dzOxbUHdgJgRrXY6r-fMbn-2H4J9sreZ0A5n_sTGivXoflQx--LUsii1RDJVLLOexPVBfiyuLXKPPS7Yn5dpXSOo1d_NcU_lkdcaDHsm1OeUQ1PuFp1p6UXb_-AqrGmvHpq-DtOO9yWSp-l4eCgEvbmvscxf_c08EirkEtrBL6ATUUIqE5byozeVA9mtxXmZ9W2IoDYlf3riW58yE377TPNxTdU1vcKJ9E2oGz9nNmjQ3PF36NqzBW0qBqyYWTwrFuKN7xdHvh1N0UqKVPTyZpCfsqs396dTOIHM9G0IM9bkfFLbsmt2OxwnkOhxagIkuq1WNVA3beW3N5iP1f0LctZQAnI3DayYEq8eWIhq5g6X5zUofIvqE_2t71sYx4Zu0f1NEVhuBdUI3Vxs3G2uUsMGOh6rjJYzdgJev94g_Ep_YhTFK6Zyvc88Y3tg4gbHgGNCf9t1xiFOEspOEaX90HPvZnb1WTb46nPlTkPppc4MeICfd3H4RYKxjMpWOWINknIjBrFGIz9KyMB2r9DB350TkJV8pzhLwYraNPWsv_L0MvGuAcuz3tBCXFLW56u5-hlJud9f3pgKBAHxhaZtpa2-pFKy3uGPypRMSJlY0D6sFaSHz2d9WssIYK2lnyAsg67yJUa3tsH1qXvI54foxcA6Tq2FzxrOJkC1VgWqpjj5BTxRQncO2WvlNkgqcxGAwn0nA5mnAX5QcVM9MQohTd_-RYpNLNvPAlUhvC5nG6I4S5FjsfX5-AaX3KAJuikLakjoO-5T2rPNgngroUQZfB6FYxLLMCJ_9uWMnHB5ZF6wVDBUjC6Rdrkp7jm2m4hiCraV1m7dXD6ZZsq9GO2naslYViQtxbuWSkmi9XW5NcqpzUf3ZMaI0djlKYuil2W472pJtjVxUUBJmMGk88HcfQaFf0vot9d3ZyNB1xn7H6oA-L-ZSkX2ypq5xX_3g7UKOjLpg0sC3laO2QbGkN_42Z3w7gsf8T-WsrZmGXph99P9kOg4raHzPcGyvuMbFvt-INcxED22VL-v70r6wKGEcYczI4atVtOlxW2DNnsNDDXzuIg-4FCXd354siI4FNLBVkm8ya4Lb5pltoD8dUD01-tsk8X2WGZGl8CASSr0_dFvMuLKWUb-wUNISZCCPnyabDWJ2dPzjVRUiIegbzU6wi74qsGUAkUMWR2skPITU39oQd77nQeQxy6u6dpPuu8rSsQxqLjzz-fS5_bCncXf71ZK1ygaFggAEhLkaD_p0fWL9JLkDSeBTjYAGjFgAQ&ias_advId=9UiB3qDh&ias_campId=v1__amncamid__%ebuy!__51978127&ias_pubId=pub-6330791094260149&ias_chanId=v1__eHzN2tHl__1__${APPNEXUS_AUCTION_ID}__${TRUSTX_AUCTION_ID}__${IX_AID}__${OX_AID}__${PUBMTC_AID}__${RUBI_AID}&ias_placementId=v1__%epid!____20434151&adsafe_par&ias_impId=ABAjH0i2FxW_ewkFcyYIWVnDl6GU
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.120.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-120-14.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d52d2c836fda275efc4ed5a25fa2371e567e88ffe51b7fbd08b5598d11d6c840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame EE8F 3 KB
1 KB 6ms
6ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 18:06:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE8F 120 KB
37 KB 57ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 18:07:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame EE8F 14 KB
6 KB 7ms
7ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 18:04:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 572B 624 B
297 B 38ms
29ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM3knwEQ04nIARiEkb6zATAB&v=APEucNX5YQtYWrjHVUBVJuM0YupbnHtaMeiI4yuQpG56AlIXRTYQtRNy9ui3qhfXH_fN5mulTHZjNqTRnnDbLZlfhwGvBM5LkQ

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 18:07:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0E93 12 KB
9 KB 57ms
49ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhqVNVGdK2a2RzbXe75JmypqdUaPKgux8DFwBhJL5znLB6Nd4zFFGsPQybtfcJGTR0UZhzltzWr04rUGvSIGN6UTnQ3qTA3-o0cNqWZZ9O0qnxIXvMuYxh7Ct2y8H2t2sCxx70gw8V-pwzA_rdYhSORzvwEg&dbm_d=AKAmf-CU5uDRBe32_wLE7cZdgDQupI5NBNpaor2TZ257qFHDjjrzgiBVsBrTcDLmro20Hd2BGHv8kYWLlmZ1w7I5j5U6TLRb21AkI9QTAQ14ke4GTqa8S5ZWtRvS_V-wGALOvOrZezFzTHV0NvdqpKRNVEryK6ZWUCcT80CcWexo0b8qiCDwpY8nkDd0ftNGMGhJvOgiqAIfQEKhUADarbE9Fy8m5CakOD4LoRRZFx4NxrZ-oeW8YQxiEoygpAvZ4rjIT4fi4t0QsFHHysRcAOMg-ZYe5YhX3FE5xoCAX-o4e6c30pfUGNrNpr1zjyGDpSr6TC5THOBp4Faog_L76kBUfRMHvxxTw-IGnYBMAX-40FUoOUbVxgytqxgRe-Di9baqpxmGUVIkfDCaSCRuSI6EbbomjVo-4DV9_XfuLkRcgKefu1rg61ObQiCIhMDkGGjvYtg5q_ww0lbghdmOfTBTGq9UWKBiQByoEijRS1gnnMB3Atw7bZ5-XZ2SA477VnictqYNLPUgvmS06zLEiv5Xi6YbGToRffu-uxlPXYee-vTffro5fcFa1XYYKq5fWeQroYM9-LbJaktmj1-XH_CHvw30VSOTN0ISG9xuZZuZQ2Md90jvIRURJiv_4WRBI9LUyR5jZUYuaEtwljrTHtAfRzKrLUXJrYweKvigvd_u32NTbrj2WUR50PSTXV6YgcZg176CmAOIdVxK55f8MvheDMhU5_lYOVQUE6P1o0s64hq47tANIW2e83npjwkewifA9xVLKXZkxvxmqwuir_EJOXAVzUEMynL7VKUk7LpE5JYWW7BODirrRlMzJPFIPuGvwkIL7SLhZlzTDwFG_KtNP6SEfq0t7QUuCk6kZMkukG5C8qZzb-ebttUeChC2Gir_TpMfaq8En8D82ht6_HnXeag93x46SkL4BVBFVoqp-sCb6gUVeTquGpt_6jDuvAJzttKWnwkIm7VKenAoMzZQxqxWPYzQmYVwk6vIsawIXNE4KtNra9JV_pTdu9vL1OGymtrHM5j9IGhx2e26fAbQQUZ2_glrNPdNgT8PYsdiTQx23td-sOmrAfo2Y8emgz4qbDCksV2SLbtn2BEClqdA6bSmudJ2Cxlyd7yMCZIf_r9jKueNQKRBJqzfxeguvXCCt5oIe42C9FgYzseTwQUgSdZbh3iXs-m5mT9CY8tCKiq6kcIYdRHHBoTJI_-HlNEXIc-LdQ07cE3b_JznCs2Rp8s97juvLPFM8NPJyma14BQrqmeGAE3hPY4xShSUIa9q7FvzDdbbK4mq468TlR5ROOKlwhltOY1YEhqBXgw-hm8CEcJlEwcb_tdu8ZvpYyGA_KrJskavd_0lgPBPmsnUyTJzP4iYmVc1lhXCFnNnTCd-dxXwLBJUCR1zGTceKW7jxF2_2iQkHfZYaRg9nWp9hbvxqHz9iYjD42y4kMR5eQKdc80kFiY2ttRTKQ0fs-XjbY9H6aavdI8lSviwgXXDcGFar7zf3-jfiNItJsxpw9_g1DxNtaFB2_DNDGeBNOW_dRgyT_mD_bjkdo7Yv7Ltn7mDmZiGfzS2do4GtWBynyAdxkhfw2q5HFF65he7J9wFq7aAX4CI4YP41vZ8GsU6zt_XXlCGGBg8vN51ZlSR7u_i7n9I6d_WFGHEQvl_li72AoPByPmZc0sa0OluT7HyhWmHRvImOy7HwMvYEM_NzTenHtNhJzeQgkbyndjonsVR4gDxv51nGwwKyiIuL4MJE6_8PiejD1M9JrIaq_ccNHrlUWDJx9yHaKfR8uIUcv3ccJMbyjvDAk3pEqvpz5Fibnn3abrQWRxJejcP6p5-CrtVCMLk8qYXUtxd3F-7nxamCyoHN87v0-ubMZNSBOdg1owxJOy_Z2N0TvNHLeDjMh_wSueaSX854esLu0YOWXZrv-zfS0xbyi2jnNmKQaV37rmJSXHixws6RWrEOosMT9SsKDpZdmIWnldgwMGXjgRiw9IQvuvX3ZMCSllBs-WRiTa5vRMUSwctC3zkuCfENtq6fUgR-YcfNGmkBsqpoFEtRrGOGT8eZ12Ia9KKdS9HznnwsAk4fJCFoe5JWvzD5dqPm9hNyBNEUxWIt_D1AvwlNEY0F_CyukvH41rCRBwoWoEIk-57LzKMJS_2sCJc8rcPXA7Df5vKGnLO_8BrEDyefKoHYpcuM6o1t7YY1CaTDFLE_pL4rBrgf85nxSQ2nW9PyI7N19H0109ZqC7hmHJoZnTX7EvmQGWCkIaEznLmdphJ1c5j99aKDhxLTnCBO8n9PEGGKg67oTexm6vWVTFRJlSfWGJGbb4Qt-eYAP5h0SGQW_4xk-xrvAfFuAIT-mirDAKhp4V7xMYraatcJA3YyA-_R0TlG9_2y_5IlhIc2ssU4Oe-IOkdB4MR8pNI88_-7NySuPpXJw0ac9L7VizeYdGRQaMRq1A3pSJqXoALn0eVb0VYJdXmWYlifKygY44GPfvhegeIv15DjU-Y6gMW1Ewrt9EWZgeImQzeiAOh-hvWwsh0T4A6k78ojkjS-a1SfhrJVlJpVY1wcqtT2vpEBTOja9xohDcVnd-81lVfuKcfMpv3npkJ-oUpb2x7howtIDyws_LanY05QMmJpeQEe97jrbSf-rszEjnImfQUgiGUUZrSCteZiXdns0oD_z6jb0eT0JXwy7UvwPvYDpwcYdHXn4N-cnyB95TDbILo8ZUVayx2Uxm-PQv9SQM5hiiqDAAmjTbhlob1IJ-JK4Pu0YoLZFPvnX4Qg51LPAS-03qa0i0dgT_uDSayP5BdRtNjRfvhu44&cid=CAASEuRogpEbwN1j2RAGusUFJwW1nw&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.admin-us.cas.ms
URL: https://www.gazetadopovo.com.br.admin-us.cas.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

cde00762e4fbc61ed3a8f6e907595824981373d791648737fc0631637a263546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8852
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E93 42 B
63 B 48ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-cx8zv2fXeoFwa0nosVnMRSd5CmFvv7TaNLo9jIBCo1tAID39k3S0UYzwmAxv0TRWEKAQaiRJZzwEdJ5cUs9uQ8zejupuSWISN3DTqHahwgy7ozQ

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/220584/56772992/xbbe/creative/ Frame 0E93 236 KB
79 KB 192ms
121ms Script
application/javascript 52.30.120.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/220584/56772992/xbbe/creative/adj?p=APEucNWBhqcyg1FDBWHWr5fA6b7JszTrweIqTHl-xY8PbEZD47YEwko&d=CnkAoCZ_4PGnhRmsj8nGmm3fMKv_jda6WTHdf5QdPDI6MO5BSsgP_2ZTWvA5y4q4HTAdtKBux1BfXITTtPWtgIycgt7Q6jGXD8Ev-N2p9lKgcPsvbixcuQzJETnBhbXKB7VFQw2HKA_7Mme9iGISNi8qdzTbf_wlWPPJEskSAKAmf-ConDk2hXY_5YoM-h8414C8mzo6VkrvvK3R9ZlBdtqCS0AeuyLV8okkQBh_Ij2lpdLJNDeGH7PsglN_tGhpPTbM_wyWqsvt391w0LJ_3WLsuf6HnFLtNjHRSzREqr4dlKyb1jr3Y9DJeehXCtmCxITjAXHwcvjp0IR8j5iQtXQfo6sG2sr9CPozH6OH5FlSybilsCWYvZK7X4EWmG9cKOzlP8iVrRqBy4bjCsNHlXyNiWTFwpW5B1MOHcY2e2SLwUORrRfrrZD-gX5wmvPZ962oV0yzV2GdLpwJ6BbX9Ct6WhaGsZU5-xmV7IcYbm3iGQOI69HZr06SUnpWvrBQDxg66g_PBuypoE0bsIDZz_WXu6sVH-IOUTxdnH1N8OVZx67Yo47bEXCxQI4fsy7ThXf210LZteFh6nA82eTjP87_k6ZjjQrisSsJfO_KG4D2q8AEn4d28EHJEodPRWKEV8DSS7Wg7DjXh4AOwHd9tWN8Q9HFNnpZq4dIGjDY92KybS4WZwnp9aN723Ldhw8okTO3Db_7VjDrmFJ0Jg5p1-2SD7d0bfFWxkmnRL26JW7RPNdnILgnGoJumKBzzFHUasw3JOVhpkL5K9pc_EltFrCtIUsIPQh23Wx0pI_UaCTlITK_qZ7qm_2gBl6w7C4xYER_6GvZ_U2d1j44tgwSGISljP8fijb9PTk_DFGjXfb4rcEFHwT3zYPsQeCnIF77q7stW7C13YhVWbCx-kb6qeLJzfxCW7z4DSII3cbK_hdAkxVIo5WPE4LU6_EtnRENnUpdB60j-adIoV4YHtHrUvk1k1uS-RW2ybKnpxiHJKpX2zcGqIvepvwYon0JRKy3giXQ2AJOyRjcTbrA1LMwxL7UbXMap_Xu6U39zQ8dRaHbQqJfFieddJC7-dzu7_UL3vtTyOowiLtDQVL-uSQY5JikxgfO1fnl2Hm-JX0_cxMHjMF4NNDbU24b--_YVlEOqOrZHDF_GT_iDARSqgJOZiAHcTPrMmMjHOFLYkBH0fgMgCQMhWkWicBFOpHdk17GC-Mn-Y-A8r4c0bMwytpEIg6TmS8HgzfnEckxdu03jf4NqoSVG0vRWE9jMbkLZ6_b8QkMufmX6fOVgMtgGAK2e3CQiXRcwhDpK2kuak8iUqTsImMky5nqMfcbEo84C0Taw8F3lL_5HqUtiQnqMSyiZamcU7H2oR_dZN4JjuimQ5qtEX4IYyPZSzfhGtOF8Ne5s9oLHMIDj4a5AIN7Yej7RZ3lVyEQVcXSoJPLDccDowh6ztZLq4tSoJYnody1H-3Z4bA47r-9gmUOyKEGs52Ou2PEvJZxg9lLn3AAptljo8cMWzpqOdl3-v8fmPB-VCWGk69_vC3hyBk6ov9gWR0LJYCW1eFhxmkxDIiuLbVoJ9yZY2czez958q9d5HMHSF5O_Ff9D8ChljIzkzf4iwyt4wYd8m2bqUwnZ3rbP-tfGMTCXBvMnsZcDQx54C19VOh3kNA9snNnbMRC2bNmZPjh-k1_ZWuZMlntD9O8gTXOkpJQRQ6z1QfeQxT99R72iFoZ9Pou6B8pwRVsnEaqwivQB-9nHrZ7SytDs_ndrux6wXYF8kv0FRsxSb3s1DFryWc7rotLi9mMCO99UL-CM7RdDvjZpjhW9tg_SRXZQxbEXd_rO1kqO5T8V3E6VGBgT7-AHXJMCMKeB9U3BPvmo4xeqNvN3Xd8htGnckxoQYlCYlnEwntMnvaqul_acrYILqzyFcUmW9YK_quiicEw_fQg3T3IRmbTHJo6gCNHtTUc-FPY6wnhYf57IC3TcrsUAMXkEK8cyQlsHZOjvcmh0g0OIKpQEIrCzKCSsfRrTohHGIR8eU9pohBHZxQDhXFxejJWm5uuD9I5vOvLRgxHgez0kS6Owp1G4HFVf4JxWmC6QljxfHwu1B2R8nx1aG0mb45MQI4bEE6pa2pOopp4V9UHmMSxMwUqwJ2GCy7IQscG0x44GfQIoPHHqrfXK7TZMo2Yu_OSli1_bAJeZgk1bSJG3lxxy6mnQoVShM1yKX7xUT7mIv_M8hzMoOmp1tN2He2_a_LlutuouVOSG6d3HngqKaCQ5SeW2BKUctlGyVl7V4UTuN342lCGG0fAsr_K5CsHtSIhB3KbmySfUdemiYdYLtMJjWkYSPcqB1yoIz2GHHezudhkLg5ZlELQvn5v6S13k_K7whpCE_eiYLl28bDr8dO1zKYymwwILn8fWGzhrheqHDzupdXdvASJQEovwEoFmknbeZjhlTGCzJ7E5_RC6sm1kN6044qhzDtjorJaw-nyQ5DNh_IXX9VBRa98TXKRSKsEG-HcUDADzUWzxaperJcavWD1v4M3S4hO1Br_sXsxFtEEIAwKkk_S_G5HTb6iJCEzBpXIJ6EhCUTJQdh0oI3UVT8ov5_ePm80pRfV9VX34VdHrD1sJMILv0O1jX4hvl6IyGF3G352j3abiCkXatnmAVlXOr-Mg0FfLjTsyO-iCJy-N9UqZpRTLVC82mWB_1VMmsqVX8vg8Al-uP9n0vFf-ARiHYY6o8RVcm0_BQpACtc4IfcdOZL1hI5_HRAEDGoD8ZPzzHbZS7nX2HVZqFA16Di83XxhFjX6LZfZKJWawdmNwk9R018EzQGK01Kyzihe9si9-sxwyz8iNA7DqrSzDzWOh5OhGb-qzCpfIHzwzg_alQbwi07pldhUmmapXKPiTkM8WlUTFz9m2--d85XeTf-qakJNLm2Iid52hcIp-qRLdN5TiLE940nmhwkEnOjr2Z8FeAN9TpAOMubIHpQo4mTrTnViyUOPqj9Jnurn3UZ2meU2tGuF327HDxmni6eU2iTY9RzcZXuyDi06_2g6zbMuuLyKH59Qv0z_rQJms5PW4SgdfN2-TbTRsiZ9F7-0UznXL9ia1-1nh3OmdLrDqkR_LdsQibZX_wzWL3LnCeFlIGFl3ElADGwwt0-QJ8X6xHpXNb151l6c29c0b3-yoby3aorlvbn6DtHCuzI6cDwajB5OxFlXP_8E93pn3xNwO9fEuLbCEUVzpVOqaTHtOl2RuOwLFxzO2s_LlrDu70Hzf4-hSsI3lUsxXIr6ZVQCFCWfGve2Kz_iQBk7rj1Qysi2l4oTsbTfI32-A121hgz8cQHvR2a9GXOog3mAq2j0uQrbuBoWCAASEuRogpEbwN1j2RAGusUFJwW1n2AB
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.120.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-120-14.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 67d401d1577a373960dc234444cb5c66fc7425a783dfb985c2092d2dffbff15a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-server-name: app10.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0E93 3 KB
1 KB 7ms
6ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 18:06:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E93 120 KB
37 KB 54ms
27ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 18:07:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0E93 14 KB
6 KB 8ms
7ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 18:04:09 GMT

GET
DATA 200
OK truncated
/ Frame A3E1 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 572B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1

43 B
894 B

22ms
12ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM3knwEQ04nIARiEkb6zATAB&v=APEucNX5YQtYWrjHVUBVJuM0YupbnHtaMeiI4yuQpG56AlIXRTYQtRNy9ui3qhfXH_fN5mulTHZjNqTRnnDbLZlfhwGvBM5LkQ
Protocol: HTTP/1.1
Server: 184.30.20.241 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Oct 2021 18:07:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 572B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXmVef.ZTcuKtcd8t94ChAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1&google_hm=2

43 B
894 B

17ms
16ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM3knwEQ04nIARiEkb6zATAB&v=APEucNX5YQtYWrjHVUBVJuM0YupbnHtaMeiI4yuQpG56AlIXRTYQtRNy9ui3qhfXH_fN5mulTHZjNqTRnnDbLZlfhwGvBM5LkQ
Protocol: HTTP/1.1
Server: 184.30.20.241 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Oct 2021 18:07:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4HUt2czoAPU3jEiEf4Y4M&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 572B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH_7QjuA-u12RI7wzd-CUwQ&google_cver=1

43 B
1008 B

20ms
7ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH_7QjuA-u12RI7wzd-CUwQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM3knwEQ04nIARiEkb6zATAB&v=APEucNX5YQtYWrjHVUBVJuM0YupbnHtaMeiI4yuQpG56AlIXRTYQtRNy9ui3qhfXH_fN5mulTHZjNqTRnnDbLZlfhwGvBM5LkQ

Protocol

HTTP/1.1

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Proxy-Origin: 216.131.114.229; 216.131.114.229; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3164735b-9765-42bd-b127-5c681a8b85da
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH_7QjuA-u12RI7wzd-CUwQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 572B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2OTM0OTE1NTgxMzYxODk2Mg%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2OTM0OTE1NTgxMzYxODk2Mg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Proxy-Origin: 216.131.114.229; 216.131.114.229; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d8df58ed-67c4-4641-976c-ef32fd9a03ae
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2OTM0OTE1NTgxMzYxODk2Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E93 41 KB
15 KB 7ms
7ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhqVNVGdK2a2RzbXe75JmypqdUaPKgux8DFwBhJL5znLB6Nd4zFFGsPQybtfcJGTR0UZhzltzWr04rUGvSIGN6UTnQ3qTA3-o0cNqWZZ9O0qnxIXvMuYxh7Ct2y8H2t2sCxx70gw8V-pwzA_rdYhSORzvwEg&dbm_d=AKAmf-CU5uDRBe32_wLE7cZdgDQupI5NBNpaor2TZ257qFHDjjrzgiBVsBrTcDLmro20Hd2BGHv8kYWLlmZ1w7I5j5U6TLRb21AkI9QTAQ14ke4GTqa8S5ZWtRvS_V-wGALOvOrZezFzTHV0NvdqpKRNVEryK6ZWUCcT80CcWexo0b8qiCDwpY8nkDd0ftNGMGhJvOgiqAIfQEKhUADarbE9Fy8m5CakOD4LoRRZFx4NxrZ-oeW8YQxiEoygpAvZ4rjIT4fi4t0QsFHHysRcAOMg-ZYe5YhX3FE5xoCAX-o4e6c30pfUGNrNpr1zjyGDpSr6TC5THOBp4Faog_L76kBUfRMHvxxTw-IGnYBMAX-40FUoOUbVxgytqxgRe-Di9baqpxmGUVIkfDCaSCRuSI6EbbomjVo-4DV9_XfuLkRcgKefu1rg61ObQiCIhMDkGGjvYtg5q_ww0lbghdmOfTBTGq9UWKBiQByoEijRS1gnnMB3Atw7bZ5-XZ2SA477VnictqYNLPUgvmS06zLEiv5Xi6YbGToRffu-uxlPXYee-vTffro5fcFa1XYYKq5fWeQroYM9-LbJaktmj1-XH_CHvw30VSOTN0ISG9xuZZuZQ2Md90jvIRURJiv_4WRBI9LUyR5jZUYuaEtwljrTHtAfRzKrLUXJrYweKvigvd_u32NTbrj2WUR50PSTXV6YgcZg176CmAOIdVxK55f8MvheDMhU5_lYOVQUE6P1o0s64hq47tANIW2e83npjwkewifA9xVLKXZkxvxmqwuir_EJOXAVzUEMynL7VKUk7LpE5JYWW7BODirrRlMzJPFIPuGvwkIL7SLhZlzTDwFG_KtNP6SEfq0t7QUuCk6kZMkukG5C8qZzb-ebttUeChC2Gir_TpMfaq8En8D82ht6_HnXeag93x46SkL4BVBFVoqp-sCb6gUVeTquGpt_6jDuvAJzttKWnwkIm7VKenAoMzZQxqxWPYzQmYVwk6vIsawIXNE4KtNra9JV_pTdu9vL1OGymtrHM5j9IGhx2e26fAbQQUZ2_glrNPdNgT8PYsdiTQx23td-sOmrAfo2Y8emgz4qbDCksV2SLbtn2BEClqdA6bSmudJ2Cxlyd7yMCZIf_r9jKueNQKRBJqzfxeguvXCCt5oIe42C9FgYzseTwQUgSdZbh3iXs-m5mT9CY8tCKiq6kcIYdRHHBoTJI_-HlNEXIc-LdQ07cE3b_JznCs2Rp8s97juvLPFM8NPJyma14BQrqmeGAE3hPY4xShSUIa9q7FvzDdbbK4mq468TlR5ROOKlwhltOY1YEhqBXgw-hm8CEcJlEwcb_tdu8ZvpYyGA_KrJskavd_0lgPBPmsnUyTJzP4iYmVc1lhXCFnNnTCd-dxXwLBJUCR1zGTceKW7jxF2_2iQkHfZYaRg9nWp9hbvxqHz9iYjD42y4kMR5eQKdc80kFiY2ttRTKQ0fs-XjbY9H6aavdI8lSviwgXXDcGFar7zf3-jfiNItJsxpw9_g1DxNtaFB2_DNDGeBNOW_dRgyT_mD_bjkdo7Yv7Ltn7mDmZiGfzS2do4GtWBynyAdxkhfw2q5HFF65he7J9wFq7aAX4CI4YP41vZ8GsU6zt_XXlCGGBg8vN51ZlSR7u_i7n9I6d_WFGHEQvl_li72AoPByPmZc0sa0OluT7HyhWmHRvImOy7HwMvYEM_NzTenHtNhJzeQgkbyndjonsVR4gDxv51nGwwKyiIuL4MJE6_8PiejD1M9JrIaq_ccNHrlUWDJx9yHaKfR8uIUcv3ccJMbyjvDAk3pEqvpz5Fibnn3abrQWRxJejcP6p5-CrtVCMLk8qYXUtxd3F-7nxamCyoHN87v0-ubMZNSBOdg1owxJOy_Z2N0TvNHLeDjMh_wSueaSX854esLu0YOWXZrv-zfS0xbyi2jnNmKQaV37rmJSXHixws6RWrEOosMT9SsKDpZdmIWnldgwMGXjgRiw9IQvuvX3ZMCSllBs-WRiTa5vRMUSwctC3zkuCfENtq6fUgR-YcfNGmkBsqpoFEtRrGOGT8eZ12Ia9KKdS9HznnwsAk4fJCFoe5JWvzD5dqPm9hNyBNEUxWIt_D1AvwlNEY0F_CyukvH41rCRBwoWoEIk-57LzKMJS_2sCJc8rcPXA7Df5vKGnLO_8BrEDyefKoHYpcuM6o1t7YY1CaTDFLE_pL4rBrgf85nxSQ2nW9PyI7N19H0109ZqC7hmHJoZnTX7EvmQGWCkIaEznLmdphJ1c5j99aKDhxLTnCBO8n9PEGGKg67oTexm6vWVTFRJlSfWGJGbb4Qt-eYAP5h0SGQW_4xk-xrvAfFuAIT-mirDAKhp4V7xMYraatcJA3YyA-_R0TlG9_2y_5IlhIc2ssU4Oe-IOkdB4MR8pNI88_-7NySuPpXJw0ac9L7VizeYdGRQaMRq1A3pSJqXoALn0eVb0VYJdXmWYlifKygY44GPfvhegeIv15DjU-Y6gMW1Ewrt9EWZgeImQzeiAOh-hvWwsh0T4A6k78ojkjS-a1SfhrJVlJpVY1wcqtT2vpEBTOja9xohDcVnd-81lVfuKcfMpv3npkJ-oUpb2x7howtIDyws_LanY05QMmJpeQEe97jrbSf-rszEjnImfQUgiGUUZrSCteZiXdns0oD_z6jb0eT0JXwy7UvwPvYDpwcYdHXn4N-cnyB95TDbILo8ZUVayx2Uxm-PQv9SQM5hiiqDAAmjTbhlob1IJ-JK4Pu0YoLZFPvnX4Qg51LPAS-03qa0i0dgT_uDSayP5BdRtNjRfvhu44&cid=CAASEuRogpEbwN1j2RAGusUFJwW1nw&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EE8F 41 KB
15 KB 7ms
7ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ69MQeYvzgu7GQFaJyX12cA2P_3Jd-TVp0loPMRdybmRIVoRjHukIbuuIdHHXEyO8MqE181bnaqY48W9LRyM9ssLSopcWh8f2uWnZxIisK8h2QqviI11CbTs6fY6q8UDlbM9HNtoOF-PYDBgTeAo9BpjCag&dbm_d=AKAmf-D1GwhaKTWiYsx3D_z5-wxsB4lOAd_9NqYwDBc_ejx20GPWglJYD5cJnqU9eWMThHEmQGIepV-DC-_RYnkMn5xuqCva8JdG1nEj_Cms8QHGhsu8C47T_m4zwlNcZZEPmgrYHTKqsnpMQ3hMecVCx9rtbsIaaDxMk2JLOAO8NjY7-BFzQZx-sQCOzKYgfXSugfmuph6jNlJ8Y5terqLtD4Pdr1d1yyuAOfWb8Lissv0Tq6cXHm9kwAPOY2EdRflhwcaOeC-tyIdBTi0UCBjyPRjwufW89pGuX8UPs5WScEV6G5unwTlmJNdoNIbVrfBw3k3n7Uyx5zFbL2Uc-eEfiuuOw9PI0cWJKrfwGCxpRDwegeQvfXIZnzhLKjsbP8MikDy3D3PTA7ZB8Lsp9xwqTpm_3BMbXnkWhVjF-FETK3Zo5Xtkg19pz1Ji1LecXjWv9-yVdRNt2sPZpCHnOM2Z40w1b3jCYyzox6BfAQuMkGNH1_hPr-dEcC0a8UKk6hs7c0FcayfAuwV1Yy4BRbDTcLN1ENbos4dYHWzFkDKhjwg6rVjLmC4kM36LlPD-6PiRoFlM8w0CetUW9ryATzPA68GSwsSeo6mlR4Hx45e-MAGbtUZW8MnnEmrPAmxanyOgyTCmwQUga_-cs3n6Q0VhwKW36ivD8aMYXUNpxBO0Tfg7LE-lPRp0Qb8Cu93sirqylQmivgyLa34QjEmHZyrdrA2lv7kTOIEfRUvHFGo8zExf16O1dEqi1-EpYYYU1512bka-4IOWe7BQGAvviAsykUSL8fTtnmXHo69buJD3OlchNZqzwFmQFVRMLDrVr6peLYOFZmEFirgutvBKmEtQvTH-yE34fl_zvH-GIpn4DuBQjVtXdQx9MEm7g2RJHEaXHWKbY4gdS28EixCK9vadjx4lTOeuKHE_8QeGdmUMGzJYxrx11RtV3snZkwDXmpFBr4OnYDppfOJguvORi06jFGBp-mlLsdjUnKo5jZNkt25rXgJuDCE_UCU94FA3H_TKY6RULGOtVmjja9u__rBRDX7lpaWTPrZdZ3Ck86j39hiLPFQ-9QKmFBhlIPXeJrJBNEYrfXwu1roHGQf8DJAsBmTIjA6NxTtes0VW-1pgsioEG_G-_4dquA2QfNhLfvnXnH2HnR3kDQImOMwnMNlODAAmizm2zWQR9MiWCzIdJmwcL0ucDcuRZ91BP2REh2G2mEnVvDVW26fme0cE5AvI7SVSHkLCL1eYWsCBL0O-_yOqO7sHiGtv-7aYCqmvnKN06VKf_4bjJ3OxGB0q7NsytpU1tn72D-u_mrh6fZ622UmpRESU25GkHhuyrjZuy5jTa5gG0SZmSBwllBmHMgFyw0AopLodQ1blUlMyTGMpYWi11squhn1N-vHUB90gFrBEkjOP4koRhvgY-whIiM31W-wUdETSfspfnNkKt-1a04FS00jLoUJqlr1W_N5X7hYOEvuFwNwd2l8jye-IkWJaRmMC_lu0K8jKPBP88C36rxvLSTkBHZkqPBhgjM3GvKO3AXGckoL3OjYQy3LJIlcAjEqg9rJhr7hmKRj6Synfl6gUl_VMsUbah56hjLl0_wmODIbcmOHz4dedVZpnJtU6iaRze--3FA8pPUADS7d2_JNhFDL1ej7jPchlwQcZnm51dN5BdasbCt7QFPPIXhklaWgU7CzNj3ziY4fRbqTAoRumyIKWuWu25pm-tYi1JiYCSGiOh0QGrtyrDGbaGcnSOYQJacUPl5NIvwI5cdy-qA4e97sEvv1j8MtzQfbm6FYZ5rvNNrLPyrNId4qtsYoWs8spgvnY0oKkNJBZDmCZW9aeFhr83_NefGmFHyuJElxhek6PZRi9JREREP-R5EGm_Ph5JxJaGmMVSYHvRP8UyBo6DVrcW9q_xs4AmDmd5JFi-vlOuQDVRVC1ZZABmVBLnaMc6KWIs8SbTVrJDg8FkBtI-8ClJfCyqRPVUESfiXzFsu7I27oVIrQ4t2q_sZcTxH1NTWXgA2Z6lHwZ4yyKYv5ECuNjx7Vo8ZQ2NdFzV54s03pVehAr46WbHQEtz5OnYFwGiN2uq3Jx-fjRoO_0NKCih1RIsa32lf66HfaGTYqfRR__LapqSVOUEVapBaqEArLFIgkdEYaz3_F0VcsUv1z8GRRE8qKwc5hV0pS_0RtXv8fG3EsLje1qKMn0_9S7Egm467FUZ4lT6KFIuQPazkK9gN5zbKmVV64OshYGhyjxbBWBC-4RM6sthCaimBrWoaZngDKueiNn9O34sRWUffikNZOpMRmvH43pDhXDIwd1PcJlcTkUnl40nv06Bl952JJ4-X9eRa8saEhbvOxto6_OGQisyexBtsAxY98QtR9m33x5qmX1pgYSRQNDxwg0pn3l12d1pwPJZ_CMtwAs2Mp6svP3yt5hEKBnMqgGuBL5I6dTJe9yquGrMXRncnW_9DMcLyBmgZUt6dVunWLxms0hZSefBJS8BxZphTFiIF5h8CzlBDHU-ZuptWmTj-thFiiK9EVnhNXVVv1RyyBk4AdtiOLZ-8X4gp0F-j1dyDd3YSaJ8s0x0IBCs-Ogl_OjZTJ58E8aMxgFaYULG8cBzQBcxodLdEVSeoqOlPTK483UOI9mynu5lBRZxrlJ6KdvjJUJOBy9-7g5MNBQyA0VE9JaLGHB_Two2FcMi8a9Ue_ocNhBi9Y_rmtuk9G_FSKqxPYsJzN2wQV7FaAdOQZK250Qld2Y7kbqqVlTDL7160bISyGkkAXCqQiWHajuQFEVWPOEU3b1a2puczEuaVPyrlOX0awNVFU&cid=CAASEuRoP-nR9Yv0kuQNJ4FONgAaMQ&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H3 200 bridge3.486.2_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 8BEA 578 KB
190 KB 27ms
9ms Document
text/html 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

866229495ace15f688488e782403a5e5e966c7712c0ac56a230577c304c02668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194275
date: Thu, 21 Oct 2021 17:29:31 GMT
expires: Fri, 21 Oct 2022 17:29:31 GMT
last-modified: Wed, 20 Oct 2021 22:06:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 520702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A3E1 44 KB
17 KB 90ms
17ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 18:07:53 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A3E1 107 B
122 B 60ms
26ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 87ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKMCvgH4aFYDWH-vT72Ah_U&google_cver=1

43 B
180 B

26ms
19ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKMCvgH4aFYDWH-vT72Ah_U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXuKRCk7ikYv7_4rAEwAQ&v=APEucNVtC3YoCuKQI2gJa-5PydNtaQpd2yKDKo6ufURB8L9Tp64vTT9SEhHPHZQth21gZNhCcjodyJHkbiE3vKIGAyOy8gQkAQ
Protocol: H2
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKMCvgH4aFYDWH-vT72Ah_U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87ED
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM0OTEyMTYtZmFiYy0yMDdiLWQxMzYtZGE1YWQ2NjY3NDk2

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM0OTEyMTYtZmFiYy0yMDdiLWQxMzYtZGE1YWQ2NjY3NDk2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXuKRCk7ikYv7_4rAEwAQ&v=APEucNVtC3YoCuKQI2gJa-5PydNtaQpd2yKDKo6ufURB8L9Tp64vTT9SEhHPHZQth21gZNhCcjodyJHkbiE3vKIGAyOy8gQkAQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM0OTEyMTYtZmFiYy0yMDdiLWQxMzYtZGE1YWQ2NjY3NDk2
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 87ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEA2zY3q6jIJyVrol2NPOt68&google_cver=1

23 B
172 B

40ms
29ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEA2zY3q6jIJyVrol2NPOt68&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXuKRCk7ikYv7_4rAEwAQ&v=APEucNVtC3YoCuKQI2gJa-5PydNtaQpd2yKDKo6ufURB8L9Tp64vTT9SEhHPHZQth21gZNhCcjodyJHkbiE3vKIGAyOy8gQkAQ
Protocol: H2
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 27 Oct 2021 18:07:53 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEA2zY3q6jIJyVrol2NPOt68&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 87ED 23 B
172 B 80ms
39ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXuKRCk7ikYv7_4rAEwAQ&v=APEucNVtC3YoCuKQI2gJa-5PydNtaQpd2yKDKo6ufURB8L9Tp64vTT9SEhHPHZQth21gZNhCcjodyJHkbiE3vKIGAyOy8gQkAQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 27 Oct 2021 18:07:53 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CB17 22 KB
8 KB 8ms
8ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 100329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1E22 22 KB
8 KB 8ms
7ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 100329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame CB17 35 KB
13 KB 15ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 09:25:50 GMT

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame EE8F
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/742748/55595045/xbbe/creative/adj?p=APEucNVPz8CN75D5R9GMoYvxbIaZ4ZTvyftMwQImMJumAT39eMNk0tM&d=CnkAoCZ_4Pt1ljg2MibdcNblPeq1O5H1BgF_d7mwCBjqnlU8blJWsONGEFRv_rui...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
1 KB

102ms
97ms

Script
application/javascript

52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 22:11:51 GMT
server: nginx/1.16.1
age: 587756
etag: W/"696b4c19d35efd706805137a8a4b3831"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 0205 80 KB
21 KB 151ms
66ms Script
application/javascript 52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 5789629
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E22 35 KB
13 KB 14ms
13ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 09:25:50 GMT

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 0E93
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/220584/56772992/xbbe/creative/adj?p=APEucNWBhqcyg1FDBWHWr5fA6b7JszTrweIqTHl-xY8PbEZD47YEwko&d=CnkAoCZ_4PGnhRmsj8nGmm3fMKv_jda6WTHdf5QdPDI6MO5BSsgP_2ZTWvA5y4q4...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
1 KB

41ms
40ms

Script
application/javascript

52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 22:11:51 GMT
server: nginx/1.16.1
age: 584567
etag: W/"696b4c19d35efd706805137a8a4b3831"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 88A3 80 KB
21 KB 126ms
96ms Script
application/javascript 52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 5790043
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 264ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ24H,pingTime:-3,time:104,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt45.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 263ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ24I,pingTime:-6,time:105,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.gazetadopovo.com.br*&br=c
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 262ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ252,pingTime:-3,time:74,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B68~0%5D,as:%5B68~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt47.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 267ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ254,pingTime:-6,time:76,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.gazetadopovo.com.br*&br=c
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 265ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ258,pingTime:-2,time:131,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:974,beZ:976,mfA:977,cmA:979,inA:979,inZ:983,prA:983,prZ:989,si:995,poA:996,poZ:1018,cmZ:1018,mfZ:1018,loA:1079,loZ:1082,ltA:1105,ltZ:1105%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:131,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b.220584-56772992%7C1b1%7C1b2,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:109,readyFired:false%7D&br=c
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 264ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ25Y,pingTime:-2,time:132,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:964,beZ:966,mfA:967,cmA:969,inA:969,inZ:972,prA:972,prZ:978,si:984,poA:987,poZ:1010,cmZ:1010,mfZ:1010,loA:1040,loZ:1042,ltA:1096,ltZ:1096%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:109,readyFired:false%7D&br=c
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame EE8F 10 KB
10 KB 33ms
32ms Image
image/png 52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
last-modified: Wed, 21 Jul 2021 22:11:34 GMT
server: nginx/1.16.1
age: 393987
etag: "b1464a7201f691a1e4cf6fc057919d7f"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10216

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A48D 1 KB
749 B 13ms
13ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 27 Oct 2021 08:58:57 GMT
expires: Thu, 28 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 32936
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EE8F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72bf8b99bb7320edd2475d29e066a568e439d51a9a0d91cdb9e9b2e1605bad46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 0E93 10 KB
10 KB 33ms
33ms Image
image/png 52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/220584/56772992/xbbe/creative/adj?p=APEucNWBhqcyg1FDBWHWr5fA6b7JszTrweIqTHl-xY8PbEZD47YEwko&d=CnkAoCZ_4PGnhRmsj8nGmm3fMKv_jda6WTHdf5QdPDI6MO5BSsgP_2ZTWvA5y4q4HTAdtKBux1BfXITTtPWtgIycgt7Q6jGXD8Ev-N2p9lKgcPsvbixcuQzJETnBhbXKB7VFQw2HKA_7Mme9iGISNi8qdzTbf_wlWPPJEskSAKAmf-ConDk2hXY_5YoM-h8414C8mzo6VkrvvK3R9ZlBdtqCS0AeuyLV8okkQBh_Ij2lpdLJNDeGH7PsglN_tGhpPTbM_wyWqsvt391w0LJ_3WLsuf6HnFLtNjHRSzREqr4dlKyb1jr3Y9DJeehXCtmCxITjAXHwcvjp0IR8j5iQtXQfo6sG2sr9CPozH6OH5FlSybilsCWYvZK7X4EWmG9cKOzlP8iVrRqBy4bjCsNHlXyNiWTFwpW5B1MOHcY2e2SLwUORrRfrrZD-gX5wmvPZ962oV0yzV2GdLpwJ6BbX9Ct6WhaGsZU5-xmV7IcYbm3iGQOI69HZr06SUnpWvrBQDxg66g_PBuypoE0bsIDZz_WXu6sVH-IOUTxdnH1N8OVZx67Yo47bEXCxQI4fsy7ThXf210LZteFh6nA82eTjP87_k6ZjjQrisSsJfO_KG4D2q8AEn4d28EHJEodPRWKEV8DSS7Wg7DjXh4AOwHd9tWN8Q9HFNnpZq4dIGjDY92KybS4WZwnp9aN723Ldhw8okTO3Db_7VjDrmFJ0Jg5p1-2SD7d0bfFWxkmnRL26JW7RPNdnILgnGoJumKBzzFHUasw3JOVhpkL5K9pc_EltFrCtIUsIPQh23Wx0pI_UaCTlITK_qZ7qm_2gBl6w7C4xYER_6GvZ_U2d1j44tgwSGISljP8fijb9PTk_DFGjXfb4rcEFHwT3zYPsQeCnIF77q7stW7C13YhVWbCx-kb6qeLJzfxCW7z4DSII3cbK_hdAkxVIo5WPE4LU6_EtnRENnUpdB60j-adIoV4YHtHrUvk1k1uS-RW2ybKnpxiHJKpX2zcGqIvepvwYon0JRKy3giXQ2AJOyRjcTbrA1LMwxL7UbXMap_Xu6U39zQ8dRaHbQqJfFieddJC7-dzu7_UL3vtTyOowiLtDQVL-uSQY5JikxgfO1fnl2Hm-JX0_cxMHjMF4NNDbU24b--_YVlEOqOrZHDF_GT_iDARSqgJOZiAHcTPrMmMjHOFLYkBH0fgMgCQMhWkWicBFOpHdk17GC-Mn-Y-A8r4c0bMwytpEIg6TmS8HgzfnEckxdu03jf4NqoSVG0vRWE9jMbkLZ6_b8QkMufmX6fOVgMtgGAK2e3CQiXRcwhDpK2kuak8iUqTsImMky5nqMfcbEo84C0Taw8F3lL_5HqUtiQnqMSyiZamcU7H2oR_dZN4JjuimQ5qtEX4IYyPZSzfhGtOF8Ne5s9oLHMIDj4a5AIN7Yej7RZ3lVyEQVcXSoJPLDccDowh6ztZLq4tSoJYnody1H-3Z4bA47r-9gmUOyKEGs52Ou2PEvJZxg9lLn3AAptljo8cMWzpqOdl3-v8fmPB-VCWGk69_vC3hyBk6ov9gWR0LJYCW1eFhxmkxDIiuLbVoJ9yZY2czez958q9d5HMHSF5O_Ff9D8ChljIzkzf4iwyt4wYd8m2bqUwnZ3rbP-tfGMTCXBvMnsZcDQx54C19VOh3kNA9snNnbMRC2bNmZPjh-k1_ZWuZMlntD9O8gTXOkpJQRQ6z1QfeQxT99R72iFoZ9Pou6B8pwRVsnEaqwivQB-9nHrZ7SytDs_ndrux6wXYF8kv0FRsxSb3s1DFryWc7rotLi9mMCO99UL-CM7RdDvjZpjhW9tg_SRXZQxbEXd_rO1kqO5T8V3E6VGBgT7-AHXJMCMKeB9U3BPvmo4xeqNvN3Xd8htGnckxoQYlCYlnEwntMnvaqul_acrYILqzyFcUmW9YK_quiicEw_fQg3T3IRmbTHJo6gCNHtTUc-FPY6wnhYf57IC3TcrsUAMXkEK8cyQlsHZOjvcmh0g0OIKpQEIrCzKCSsfRrTohHGIR8eU9pohBHZxQDhXFxejJWm5uuD9I5vOvLRgxHgez0kS6Owp1G4HFVf4JxWmC6QljxfHwu1B2R8nx1aG0mb45MQI4bEE6pa2pOopp4V9UHmMSxMwUqwJ2GCy7IQscG0x44GfQIoPHHqrfXK7TZMo2Yu_OSli1_bAJeZgk1bSJG3lxxy6mnQoVShM1yKX7xUT7mIv_M8hzMoOmp1tN2He2_a_LlutuouVOSG6d3HngqKaCQ5SeW2BKUctlGyVl7V4UTuN342lCGG0fAsr_K5CsHtSIhB3KbmySfUdemiYdYLtMJjWkYSPcqB1yoIz2GHHezudhkLg5ZlELQvn5v6S13k_K7whpCE_eiYLl28bDr8dO1zKYymwwILn8fWGzhrheqHDzupdXdvASJQEovwEoFmknbeZjhlTGCzJ7E5_RC6sm1kN6044qhzDtjorJaw-nyQ5DNh_IXX9VBRa98TXKRSKsEG-HcUDADzUWzxaperJcavWD1v4M3S4hO1Br_sXsxFtEEIAwKkk_S_G5HTb6iJCEzBpXIJ6EhCUTJQdh0oI3UVT8ov5_ePm80pRfV9VX34VdHrD1sJMILv0O1jX4hvl6IyGF3G352j3abiCkXatnmAVlXOr-Mg0FfLjTsyO-iCJy-N9UqZpRTLVC82mWB_1VMmsqVX8vg8Al-uP9n0vFf-ARiHYY6o8RVcm0_BQpACtc4IfcdOZL1hI5_HRAEDGoD8ZPzzHbZS7nX2HVZqFA16Di83XxhFjX6LZfZKJWawdmNwk9R018EzQGK01Kyzihe9si9-sxwyz8iNA7DqrSzDzWOh5OhGb-qzCpfIHzwzg_alQbwi07pldhUmmapXKPiTkM8WlUTFz9m2--d85XeTf-qakJNLm2Iid52hcIp-qRLdN5TiLE940nmhwkEnOjr2Z8FeAN9TpAOMubIHpQo4mTrTnViyUOPqj9Jnurn3UZ2meU2tGuF327HDxmni6eU2iTY9RzcZXuyDi06_2g6zbMuuLyKH59Qv0z_rQJms5PW4SgdfN2-TbTRsiZ9F7-0UznXL9ia1-1nh3OmdLrDqkR_LdsQibZX_wzWL3LnCeFlIGFl3ElADGwwt0-QJ8X6xHpXNb151l6c29c0b3-yoby3aorlvbn6DtHCuzI6cDwajB5OxFlXP_8E93pn3xNwO9fEuLbCEUVzpVOqaTHtOl2RuOwLFxzO2s_LlrDu70Hzf4-hSsI3lUsxXIr6ZVQCFCWfGve2Kz_iQBk7rj1Qysi2l4oTsbTfI32-A121hgz8cQHvR2a9GXOog3mAq2j0uQrbuBoWCAASEuRogpEbwN1j2RAGusUFJwW1n2AB&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9deb46d7-d6c0-ce6d-b9a4-48d025ec3891,c:sgJ249,sl:outOfView,em:true,fr:false,thd:1,mn:app10ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:sN47OCG+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:cdd655c7-3750-11ec-b761-0634eb268b40,v:19.8.256,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
last-modified: Wed, 21 Jul 2021 22:11:34 GMT
server: nginx/1.16.1
age: 506115
etag: "b1464a7201f691a1e4cf6fc057919d7f"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10216

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6F34 1 KB
749 B 13ms
13ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 27 Oct 2021 08:58:57 GMT
expires: Thu, 28 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 32936
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0E93 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8311a3e206b22315a5f2c72856dbf5df9d7c68cdab9566b3c12c975f87737cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8BEA 26 KB
7 KB 341ms
340ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params%3Dvideoplayersize%3Dsmall%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=2880745591359130&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26UOLID%3D59e145a8-5c85-48fc-a1fb-d285959574b2&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&vpa=auto&vpmute=1&sdkv=h.3.486.2&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3446653794&sdk_apis=2%2C8&sid=64C072A1-EA78-44D4-849B-CD39D19A4485&eid=420706106&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1635358073687&scor=2339017856026086&ged=ve4_td1_tt1_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

75f9c9ab4c9656f1348fab37ccdf6d9997fe6e0eb3c97a6fc117fcfae216f96f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6923
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A48D
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjQC8F54ZC_l626uxLXaVo&google_cver=1&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXE...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjQC8F54ZC_l626uxLXaVo&google_cver=1&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXE...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXEAFI301Kk2S-ieMVPN8lA&google_hm=

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXEAFI301Kk2S-ieMVPN8lA&google_hm=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Oct 2021 18:07:54 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLPDn1-0a5ryvBkqkya8WTsMxSfXx2yXzgoXqM-LHBZLC9Mz53z7RLQvpGje4pkgVBIY7TvxdZVXEAFI301Kk2S-ieMVPN8lA&google_hm=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A48D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMV9GlaT4_hJRrK-2i8j_pg&google_cver=1&google_push=AYg5qPJk826gYveR8HUPFgWF7ypdQzc7DudxZY0B9TyqZhFIaDNaWsDP0dAHQLPHTTbousa5GZOoANkD8xgIc2W...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MNB19m9eSo1R5seiv--X0tiDcuU&google_push=AYg5qPJk826gYveR8HUPFgWF7ypdQzc7DudxZY0B9TyqZhFIaDNaWsDP0dAHQLPHTTbousa5GZOoANkD8xgIc2...

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MNB19m9eSo1R5seiv--X0tiDcuU&google_push=AYg5qPJk826gYveR8HUPFgWF7ypdQzc7DudxZY0B9TyqZhFIaDNaWsDP0dAHQLPHTTbousa5GZOoANkD8xgIc2WtRObPMqk3BOvl7Q

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MNB19m9eSo1R5seiv--X0tiDcuU&google_push=AYg5qPJk826gYveR8HUPFgWF7ypdQzc7DudxZY0B9TyqZhFIaDNaWsDP0dAHQLPHTTbousa5GZOoANkD8xgIc2WtRObPMqk3BOvl7Q
Date: Wed, 27 Oct 2021 18:07:54 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A48D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED3s2a3w4PNkoY9li4PyCmw&google_cver=1&google_push=AYg5qPJgMX8kwGqyAWn_Ar0wWN6rBY0iKON58DGjlT0bzLJcmtE7qUpOEoSkuM9BOS-_bW-qh_O...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5VFoxS08tVS1GRktJ&google_push=AYg5qPJgMX8kwGqyAWn_Ar0wWN6rBY0iKON58DGjlT0bzLJcmtE7qUpOEoSkuM9BOS-_bW-qh_OzrhQbf-o_vuaTRf5EKMTasto1zQ

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5VFoxS08tVS1GRktJ&google_push=AYg5qPJgMX8kwGqyAWn_Ar0wWN6rBY0iKON58DGjlT0bzLJcmtE7qUpOEoSkuM9BOS-_bW-qh_OzrhQbf-o_vuaTRf5EKMTasto1zQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5VFoxS08tVS1GRktJ&google_push=AYg5qPJgMX8kwGqyAWn_Ar0wWN6rBY0iKON58DGjlT0bzLJcmtE7qUpOEoSkuM9BOS-_bW-qh_OzrhQbf-o_vuaTRf5EKMTasto1zQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame A48D 0
478 B 304ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKtef-484d1GRUH8RF3JknEWRGLKYLDVrOUG5uUBQgJZnvDymgMdbEi18cn1rPY08o7vF5dZffO4pZPpKP00CZXq5ftQknO%26google_hm%3D%5BUID%5D&google_gid=CAESEHotprauhZgu05gDYUhtjlU&google_cver=1

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:54 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A48D
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEESj4yOWI7Zq7ai3P-VBjYs&google_cver=1&google_push=AYg5qPJDxzSyghDLBSh5JOLw7oHRXamGmeUo0WR8_17MF1jIbZKxqvFaQrzFgYVFXd_gViEM3LPoQxYPU4OJDMM1...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJDxzSyghDLBSh5JOLw7oHRXamGmeUo0WR8_17MF1jIbZKxqvFaQrzFgYVFXd_gViEM3LPoQxYPU4OJDMM1t6vE0pEOlTEX2w

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJDxzSyghDLBSh5JOLw7oHRXamGmeUo0WR8_17MF1jIbZKxqvFaQrzFgYVFXd_gViEM3LPoQxYPU4OJDMM1t6vE0pEOlTEX2w

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Oct 2021 18:07:54 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJDxzSyghDLBSh5JOLw7oHRXamGmeUo0WR8_17MF1jIbZKxqvFaQrzFgYVFXd_gViEM3LPoQxYPU4OJDMM1t6vE0pEOlTEX2w
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 5TfMq3p7KHo64NOzPYLoi2Q0xZLKJEdT3UP0eqsO7bdBq36KVHD8JA==

GET
H2 204 exptsync
ads.yieldmo.com/ Frame A48D 0
35 B 305ms
31ms Image
text/plain 54.194.126.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/exptsync?google_gid=CAESEBkzfskhIatcIDxTj0XonVY&google_cver=1&google_push=AYg5qPLcIRXwPdDylhjDgu9Gnabp0Qw2f3oVg0cwu0Lwc714099fKDPMiW6hsLFTdnOS-tY7uwtAqghn1UwoXEokUMJ4eIDKNTkB
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A48D
Redirect Chain

https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESEAaq65_n8lQgufSsuJ2FdsA&google_cver=1&google_push=AYg5qPL4EkvBClASQU-MKmsCxzMUemLRlfi7NrLu7Hvq118N-ZdkD38Os-2J4k1lcmkM5BwobIcECaORGIh8aE10ycQUE...
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=NzFkNjgxNTctMDE0OS00MzUwLThjNzItYjg0ODA2Y2E4N2Nk&google_push=AYg5qPL4EkvBClASQU-MKmsCxzMUemLRlfi7NrLu7Hvq118N-ZdkD38Os-2J4k1lc...

170 B
188 B

23ms
22ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=NzFkNjgxNTctMDE0OS00MzUwLThjNzItYjg0ODA2Y2E4N2Nk&google_push=AYg5qPL4EkvBClASQU-MKmsCxzMUemLRlfi7NrLu7Hvq118N-ZdkD38Os-2J4k1lcmkM5BwobIcECaORGIh8aE10ycQUEWbiMv4klDg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Oct 2021 18:07:54 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=NzFkNjgxNTctMDE0OS00MzUwLThjNzItYjg0ODA2Y2E4N2Nk&google_push=AYg5qPL4EkvBClASQU-MKmsCxzMUemLRlfi7NrLu7Hvq118N-ZdkD38Os-2J4k1lcmkM5BwobIcECaORGIh8aE10ycQUEWbiMv4klDg
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.40
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A48D 0
12 B 27ms
25ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHWAMRqZ-nsMSCGiJ6Onz9GDY7qDHqXB9e169_9FrC5yuJ7ydsSMoz12iQzlNUd3scHYAiWQ

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F34
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELclfYnyk9IN61R0gHGaKsA&google_cver=1&google_push=AYg5qPIzRo7DdmrZPSsEh4fo3NZb-b4yXj9FAV-8GAIOjsyT76kbvWzRguwawN92i-QQ9_tUAKaRWNvdq8yUAr3Y...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIzRo7DdmrZPSsEh4fo3NZb-b4yXj9FAV-8GAIOjsyT76kbvWzRguwawN92i-QQ9_tUAKaRWNvdq8yUAr3YZw8mEszDbxFsOA

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIzRo7DdmrZPSsEh4fo3NZb-b4yXj9FAV-8GAIOjsyT76kbvWzRguwawN92i-QQ9_tUAKaRWNvdq8yUAr3YZw8mEszDbxFsOA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 27 Oct 2021 18:07:54 GMT
Server: MT3 4044 0c7f252 master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIzRo7DdmrZPSsEh4fo3NZb-b4yXj9FAV-8GAIOjsyT76kbvWzRguwawN92i-QQ9_tUAKaRWNvdq8yUAr3YZw8mEszDbxFsOA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 27 Oct 2021 18:07:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F34
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFBe1QZ1n3S87et8lF_V_tk&google_cver=1&google_push=AYg5qPLEkj0ZBLQzOtNmqFc25qblJ2fZmAYt0x3EFQslNgrlEeU8OyQVXX7BRfgnLi4pA_EkmBxtJ...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLEkj0ZBLQzOtNmqFc25qblJ2fZmAYt0x3EFQslNgrlEeU8OyQVXX7BRfgnLi4pA_EkmBxtJhfM-J-kzSBYjpcPCV7o2DMNSw

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLEkj0ZBLQzOtNmqFc25qblJ2fZmAYt0x3EFQslNgrlEeU8OyQVXX7BRfgnLi4pA_EkmBxtJhfM-J-kzSBYjpcPCV7o2DMNSw

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Oct 2021 18:07:53 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLEkj0ZBLQzOtNmqFc25qblJ2fZmAYt0x3EFQslNgrlEeU8OyQVXX7BRfgnLi4pA_EkmBxtJhfM-J-kzSBYjpcPCV7o2DMNSw
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: uO2G74D1sRbg3kkQzSoAAA==

GET match
um.wbtrk.net/doubleclick/user/ Frame 6F34 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F34
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGuyQxXSSDg_Eo8FMjhARSQ&google_cver=1&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRu...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGuyQxXSSDg_Eo8FMjhARSQ&google_cver=1&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rY...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077719552134910&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRuoU4Ex62L&google_hm=ZZ6du6JhSYm5Py-RUGtuuw==

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRuoU4Ex62L&google_hm=ZZ6du6JhSYm5Py-RUGtuuw==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJg6WKndntKPjeiDn1w9iooVQ59BLT_NMBzlKFxGnS4w-btnS_Vp2PBM0PUL_F9bQv-1GOecfj8xSR6rYne4oRuoU4Ex62L&google_hm=ZZ6du6JhSYm5Py-RUGtuuw==
Date: Wed, 27 Oct 2021 18:07:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F34
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEBlEahkbMB1XVVua2j3FddU&google_cver=1&google_push=AYg5qPJCR8UGxnLpzMYIFOuy_x8lNX7D0orYrKb4GDhf_VTVGjWzqqwdOOtv5QSO5F4zJ...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJCR8UGxnLpzMYIFOuy_x8lNX7D0orYrKb4GDhf_VTVGjWzqqwdOOtv5QSO5F4zJJONu8q4WAf6KGkD5l5WEQYsPIHLsK9I4Q&google_hm=QVBoQUVrZlh1NF8zeDR5N3...

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJCR8UGxnLpzMYIFOuy_x8lNX7D0orYrKb4GDhf_VTVGjWzqqwdOOtv5QSO5F4zJJONu8q4WAf6KGkD5l5WEQYsPIHLsK9I4Q&google_hm=QVBoQUVrZlh1NF8zeDR5N3RGVlJSY3c=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJCR8UGxnLpzMYIFOuy_x8lNX7D0orYrKb4GDhf_VTVGjWzqqwdOOtv5QSO5F4zJJONu8q4WAf6KGkD5l5WEQYsPIHLsK9I4Q&google_hm=QVBoQUVrZlh1NF8zeDR5N3RGVlJSY3c=
Date: Wed, 27 Oct 2021 18:07:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK sync
rtb2-useast.torchad.com/ Frame 6F34 42 B
233 B 361ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEIF5Pbq5W06ni7w_opvAzHA&google_cver=1&google_push=AYg5qPKXF3p98MLKutaXEpCxup0Qtw5dC3_4hlIaxt8-mVbgrbLHx_LxHhpiPRJFbJiRQPMyQTJDI42DU_i3sLB_-rXJyaOXI_3Y7g
Requested by: Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:54 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F34
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2I...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2I...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBQelyD1CrzTXG3jJOQqhEA&google_cver=1&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBjZTU0ZmM0ZC0zNzUwLTExZWMtYmFkNy0wMmY1OWI4MTZjNjI%3D&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9Qj...

170 B
188 B

22ms
22ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBjZTU0ZmM0ZC0zNzUwLTExZWMtYmFkNy0wMmY1OWI4MTZjNjI%3D&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 27 Oct 2021 18:07:54 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBjZTU0ZmM0ZC0zNzUwLTExZWMtYmFkNy0wMmY1OWI4MTZjNjI%3D&google_push=AYg5qPL7Txzg8fBpnNJLXSEeSBad4-rD3xgeXunpILc6VUGQDjkqAR2Ia3CwE6B9QjHjANz9ujIqZQch8h-QFjmMoCuKEDrw1D8fqDM
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F34 0
12 B 23ms
22ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHLK39IsXCbiydG2ruxebDuzB4jMvh9eSWJktyQUoOxRSTLI-0VPvw-epGv7j7vZkYnQZyHg

Requested by

Host: e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
URL: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB17 0
20 B 49ms
48ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGPtMeZV5YeqYCLje7_UP762X0AEAAAAAOAHgBAI&bg=!7O-l76vNAAbUs_yW1LM7ACkAdvg8WsOoKWatn74yypsgz0C5a7G-DvZHY53bxIZD_QC7FyIX-7jWVgIAAAFNUgAAAA5oAQeZAvkfPKPXa4iWrleQgeucX_MABxXdSKWjFE1LosJ9YJmGs-GFlHLewhYxLzSYdLcHcPAeEQysfkOEfw77S9GhrobU_pMe_sPM0Vpu8JeRZhLMgPnYOiDXVmXBXe0i9fSExGytL2WHOE52HnWN5gJQpO7tZBLAQ017BrpfHZnCiNYonPRpHfb5GZTff64_GW5K_Kf2Tzy9_SYpPUPgis1tvv-IbfRKj5wh6NVhHhjNhswUOMN7bX9M3-EOmzIUea5TeOosdinBSf9sUOhYvrIChR0gd1Pt0K8G0epM6UToNCko08dI3rKo42mIsxEa9E3rLSWaTBk33-sC_kaOo0u3O6yhhzl8ijvONLeELud28yvE2dmkqib1xhMA8nQTsJnw3rJFPZJD-8bm6o8_J2wEwdGT9Xwr07YdJUW0uACmebaZPn3WNWjgMzv6V1pajbS07Re_1rIqg3zxQeb0PRevUSE9HGedEESFEK4zt7zbIebUWXqqNBx7PVFsbWNiuOj2X0q0LtT7XuBKn2V0GJG8ACeYq4f_OndL8hcDM9yjO2Txcs1xLIYM0jmX1bgqFRq0e_fzsIfcVzJX-g4PEBn_8u3TnwJ1qcOy_i39XlZ7VZZjmrbYtWzfqdwXyMwWjJEG2cDmfg_RF36_WC28V3UaaOxRzh8Vz5I_ar3A2OZmOQr1vxDnGuhvYzBlkYc_vepTjH6E3OvuP1VI0GjiXJjJedyhokJ_CVwRIXDMrDUemhAECejfPClkpiGzYKiO9kUGs_r4gn9ZzBAoOx9NHt0Y-cXwP_BxP7yh5kWI4d31YJjhlQS2yTILA5QLpHLQYCZnxUAk9kA0tNuW4osVq-Md4MwfrDxUzZqALwEKyKdJ6TAy0mjbELfpTEWYoJOx-xc6EF0HIflF9sWkni_WkzNHJg5Sb9r2XGqDixea7SOzez8JmpH3-RKLhchhWAUDuKjcBWCkBtLw6s1Ar9fX8_BBRpC7WJY-5FYJ_-8pmyq10jRaPqHCOrLh-550ig

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E22 0
20 B 49ms
48ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMkASeZV5YY6VCLbO7_UP_Z-_sAwAAAAAOAHgBAI&bg=!MzClMHTNAAbUs_yW1LM7ACkAdvg8WnaYIwvrnUnpzF373jAaLcxCvpWoCamEeakNYFXyzwP3McSDWAIAAAE9UgAAAA1oAQeZAvVFP-QarGs5HvD9xIJdjQnroY0rtLeY27VaKuhuGvdZ4eKpu5vnUvm875n8JSFhITBQbnZbS9PEjq04xhxY1ZPzkfzG0ZBEjW-j5M5gLhzAE6w-zUsIWrTuqC5tLQOBdXbKQdMPEogQGvMzxMMBY4V7YyYtFyve4FDfL9o6i7Qh6G2cHCEd1IxA19gstdfIDedqeHqDKIRG5V1GDA0pI2y6AJLoTaaRlE9APkir_LjwXWvM6JFpjqUKHIZGnxi5sJvaRDF2eeA8kgaImZDkRVAuFizinI8e5SVPE5vI-AVpQGzMZEv9NI2FUWBNyxLVpqmreJ6EPknRfxtHU8Cjus3-lxKwVUIVTixYsizjjR9rziq3OKJiB6fo7kR5Lx8ErA_0gfqlMunIQGzyJ1O2GDx5WbwLtR4fv03mEXqg_2EHjd7W5rB9wQmhHxufI2MzZOv3jmkLRRATsZ55VXH4ziheQRpex37WtIcqemlWOb-k4dOiC--krlS_6PCmkByUxB1z-UCsnXNbBwBTkriBEYWhKmOjWbAFzDI6LnrNvN9ntHu_md0wgmycw6_5WAZCwgeINis83faN8DdLZOQ5Bld9AGAH9la-sg_SEZy4vyc6PxNVrhMhumL1epCDucd-7cU8--htlqkowBzeOezWEtlIiAHtlD2vlxNQYFlpqCC6FmHVLivDVVg-hwyFI7fj_QLNBmCoTw4bfFWH6AE1uxtXH8tU7_mhbMFWs-Ik3iL0eGoopBWevg0PYTTB5y01cJLi-91tHJTSLL9W1u0IZjU3RZNiopTQO3Q7jX-y7WOpp2U15ea3cn9MQZQTg6i2ftuPdTBRJXq4QMorSbdFziJbcM9Cp2KEA6vhEdrhJbK667XtaWyabEVUvoyqRmE1ypWM18Zdkk0pgQESepSMTt7FWqMtmaixdTkz0NsTjNsdcgfX5K6bF_Ix-PfEM7jqEJytZBtxh4KETxhkdgVMbcJFqzF1C12EBToQYchiHxZha9W75Jud

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ2c2,time:559,type:e,im:%7Bpci:%7Btdr:507%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B552~0%5D,as:%5B552~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:289,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b.220584-56772992%7C1b1%7C1b2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 92ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ2cY,time:566,type:e,im:%7Bpci:%7Btdr:508%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:566,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B559~0%5D,as:%5B559~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:291,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ2da,pingTime:-10,time:629,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1635358073936%7C%7C9e23582270691c05e68ba5273682f11a%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C5b482daccc7d28d4c5af07934ea454d4%7C%7Cf002a340721bee8c66018d6955595e31%7C%7C76b92a55d99010a2f24e323b51623aff%7C%7Cb686b12c6bc4b9dddf246f3e2a579df5%7C%7C13548ceed54a4673194c61213a252f11%7C%7C1629390669%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:53 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ2eY,pingTime:-10,time:690,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1635358073936%7C%7C9e23582270691c05e68ba5273682f11a%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C5b482daccc7d28d4c5af07934ea454d4%7C%7Cf002a340721bee8c66018d6955595e31%7C%7C76b92a55d99010a2f24e323b51623aff%7C%7Cb686b12c6bc4b9dddf246f3e2a579df5%7C%7C13548ceed54a4673194c61213a252f11%7C%7C1629390669,sca:%7Bspg:d722542d-ea6e-1a51-410b-a5cac6f2fcdd%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:54 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8BEA 21 KB
13 KB 45ms
44ms XHR
text/xml 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dhz2vS-RIdcX-w-sVHAsmY3732Lr79V-7OZD_Uu9X0WRdU5gHHGEuNLiQ-h4sY4wK1bDTaNK7DWwDOxnHQSkKDu7wIBA&dbm_d=AKAmf-Bh-CzanlCHsOY5ut1Y5XUFO8wcYcyhq6WnH2o-J2irviVU-3Lc_JyH144GOWosAZzqxaSuqwnBZ0hi6DrTFTVr5VmLNiLlBMcdhmiPJ1ONApICI8wFRHl0jKD0Bhk4_g_vAru0qZjjOC1-5X-Cg5QIBYDAtrcJPeePQmWyxR2zgE3AGQP3_lYq-hgROVZdCdGbfJ3UljSuv0VYYMVgh-5pcvnrj-jNecBreV9KZIwHwiWG1aWgb5WxfWkoDycKl0Eajtvc5F9EJEe-FN3nGHfUg_qlYbyrKXGJYQdwnRUPYX2KKsTSAj6np4LDzuaScMXGRHDf37iK65_p5vPC1Nq-vnQWeYy4Tn9S18LY8UjpkECRQ3mlBcgkbz22sFwt2nyQr5xp24yi-8bJoG_JNE7SfO7iToF5KyphWxy62tpZX2TjMgk5au6ND9z9ySHpsFNjqBln8Fnvbeysk--oLCgjx6Cd8BIlaPjlj_boDl5POnrdpYHUUBkDlHN-2ZDzCcmv3fkP2oSrNG5n4MeNNlzzdiKbNHkZyMWy_3dtA7FFwXvSsj7MjLVXuN0XSZ78K5D9HjjoAnLHdXTxUPTatkYGp9k02EYrcuZvawCYtL6YyI5VxHWuVmtSay97ruk_QMFSMNGRJmN6M0Eahy2orltzNtfqAZdiyponSj7-O8zMInzXEfk2q0rDnLfwHCHBK4bKLEKtsvdhydCt7kTXHwCL7RmuVj9oXwoo5Mn-7wCVKYnUlWM--kIOBfxedp3g_irs0Ye9fcG0UJPnJwW7c9VTr_uE0xeT9uyP-u9sXaiPTCpDI5J0cGOJPirnMo51Nt4RljLmdBwB3sHMp6qFtYynU9r2n4DKJFEnsYKO3EUzQmlF6vOkF-TxrNbfd7w79CWbvI4p3Fm7aDaxwXSu2bVtZJSQ6zWrrub_rUg260uK1TzZfKytMyh9-bobc9cAXqC9Rm3n90gm-V-5Ned8vxwiB2P4gG2bAiX7UDjz4xlbl-ZFOYaIBTqsddfOYrl-27XEl8HIWVleUoTxv9NahlNgKeQR0LSUTKeGaUrw9bOxNaPn4Li1iNHsTjRTpghjoxjisLVfHl3oU_aj7nIBZQRciYGWgrBYGfhtmalpzMgiIe6HmCGkX0OPibedcaGGlCRjYUY_jztmMGh_pyYENmHajgSOpeOb7rBsRrAOzsJHmBxfzYhtc1Mrdg9RNMyTcdNJxeAegUNeAVcVURUS0yBNbY1t5UtAFT4hBEqntYIj_GWQCXkEct-ifgp5EJdW-MREqcpboZ5dgp7u2oPoEJGpFonPgolzKFXHWmC9ClK4g9-oJ0qEjsJ3PH4kcMcfan_kyUppufKOnptmX_NWk5-zspYOlf0CmTTHtzjBwhL08Vl873K2ovXPNIzR4rryfnBGzz9s3IhO31jP68zV4dQZWnVNgtDcFSOMh5KNqs1JqLmPv4epZRwaqASW3UtjmFJC9A5fNc4Sj1mMI_Wh7eYoZVA2iFZ_iHzLHthzbdTsGzYjdqHR7isZr9YBpyjpzIHkQCZ4DnNpkDm7P0X7rL8bTZpBL8PSurYj_tLoQAtnbLUENDvFO5zLKLGmvfhJWus2Ld4gGx-XowErNt9_7jqh1lpA5ZsOlHtqwoRY8Y8mle0MoeuUgpHNiUTPZihtJWhKQ_4KRDj3VIuRzHmwFyg-VtCthzz5_DpkYlbzBOuVh0QQ8XKyF0VVhOp0KgukZRxuTJtrSrB1L2j_x-ZMRrsJ7iw_t8iDdVHRb1jm51UPzil8nQYT2VCMLtYmNfKnKAVG9SSabD5iF2J9W4Ffm84bfqF5ft_Ez99xZQ1AkDy6HT7eXCWvASyXCTWDCFoDXRJdsDj74BVzhWwJj2M4WcJkC2iEOLm1q763M5OKss-RVeA6CaxDZVSkVrt6ex6U5l0txLTCI1CkJYA1tmlqOV3ZBQ74yJ8dhbJTv9CMbwGeFNCAoKRay_9G32Wvd7VzkgNxOGlHaJsK1kPtbwR5SM7ExXEObRjVuCt28AV-OA0RAsfu-dR1NpoVYLT6qcG8377zksJbFWEH7YEp5TS_K5eHtxpujJajIe2CEYDcoE6lgTEP8XvoGdOnbvhP4Rl1OK-6dyxPiMB99m3R_vSx9FQw1F6U3envsuy6b7u2wViDZxFmdMKtieQ6jYcekGSDnLU_oAT2sziW9OGymJi4OyqKzs3wWbkMTz_kgKfsgUivyzCOL87oZo97udEHpYbfG_aky0qOo3D3NW780NtNZij4n1pl899HttHRilPGMoL6_CvSy635tR72fmZ-gEXd5YK3lVmdtvgLIpiZbOobd-_HvW5U6WSdRPPMZ-DiHJC7kDBX05jLxqpsb2cHBmczEz2o5-B60JwEpTmVenWhr54O10pckV60QCCY86PDC7suJf3vkeUWMqbWFll75Kqh-G44E0B07LVIj1MbBPON779TibXKebOFXKYxOunn_25og3Su8D_-PS_fuJh7EghDikrLhidngmx-GeZeoaneGREIFEINBwO3fqwrb6cR9AOxohOZVyNejB6bwgcogfpaOlJ8PZF9dsOtQtoBYD1ttXhTnsEjPtl4G8mMDwtsMb7FPHnaOz6pS-VPBLBobxRcvG7aPtj14kUPbwPFHxvMGp2rTo0tpYLKYe2Wwt7geYD3uwy6KrQA7dlTxfUAmAKIzy83O1VYVY1LvZ-zp4VgXzG2IEPVQeSv3qd1dPkIIFlcXUA4MVDkJ6upxrChDZKl6RiWBXxuwukeXS3ozWRU45g9-vGBPFlvJXC-WsrzCYiah1eQBLhLvBiLeDIPzZleR1oiak1t_iMS0ZeEMXkWITZ0wD3lfetV24m3rxDZh4DnR-O4v_ITfBy1rQfDLJ3tv79OLMUnfjl63isFF-7YeaLIek8GsJKZn_3VDKXmnenaOz86AiyWI5iSx-JRPsqzz0M4hnxm7vnjirMG9FOkGotoXluySQPpdK8xusoN5m2_9cZF4s9iwUybm0gzqAHw9J33CBkg1biafHariw_lM8iQvoASrMDL1jjuZB43kEF_sdoyoHO1VO9_rbXvl3Wnt_myur2LifOj0QOdehRxgionyBUeIviR0L93BHdAa-f12IBA1g0ou-KYIbvR5MfzwHPwjK--itDkhQp8z9ZSUDCCRxsYC8BeinnOJVUwrXgvSE2LWOwJchyhjNY0lI_e7Ccz952xgoIeWbEutRhoNNjyUOAHJ4eS_AznkjaAfw1xnfEuP_V46EHGiogDKwMhE-t9ZSfeZ9ItLLII65iq1AHtk-l-6F-ido4bVd-stDhJVpi74cWXbaIb7FP4HTqAonwkAO-y0p_7U5snehz5vIIs1wfJ_A&cid=CAASEuRoDNanO6lZbzyQ-qHdWU5tCw&vpa=auto&vpmute=1&sdkv=h.3.486.2&osd=2&frm=2&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3446653794&sdk_apis=2%2C8&sid=64C072A1-EA78-44D4-849B-CD39D19A4485&eid=420706106&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1635358074048&ged=ve4_td1_tt1_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_ts0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

cafe /

Resource Hash

9c9e9dab3708a35a27e35efcfa0b53a99bae04a413eefb5fcc7dbcb74db66863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13328
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 58054202 Show response
unified.adsafeprotected.com/v2/842139/ Frame 8BEA 23 KB
5 KB 181ms
60ms XHR
text/xml 108.128.115.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/842139/58054202?mon=58054203&omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW%26sai%3DAMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q%26sig%3DCg0ArKJSzJxcIjmoUFveEAE%26uach_m%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&originalVast=https://ad.doubleclick.net/ddm/pfadx/N5811.4036889GOOGLE-DV360/B26545522.318098738%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.486.2%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_adk%3D3446653794%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.gazetadopovo.com.br/%3Bdc_vast%3D4%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM1MzU4MDc0MDc5Cg%3Bdc_cid%3D160443474%3Bdc_adid%3D510605060%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.115.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-115-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 66b43a68a26be50250a9c878dc6b82dcdffe32e77aa0b8612d430331bd4d51c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:54 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4490

POST
H2 204 csi
csi.gstatic.com/ Frame 8BEA 0
298 B 94ms
36ms Ping
image/gif 74.125.133.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kv9tz1ef&c=1995050428252&slotId=997525214126&qqid=CNSyyMiX6_MCFZDsEQgdeGYIXg&gqid=eZV5YdfWKqXKx_AP5bW84AY&fb=ima_html5-lima&sdkv=h.3.486.2&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=420706106&vmfc=20&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader20.html Show response
tpc.googlesyndication.com/pagead/js/ Frame E105 51 KB
18 KB 8ms
8ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Oct 2021 18:42:48 GMT
expires: Wed, 27 Oct 2021 18:42:48 GMT
content-type: text/html; charset=UTF-8
etag: 15578078210308968909
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 18563
x-xss-protection: 0
age: 84306
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8BEA 42 B
64 B 39ms
39ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8BEA 42 B
64 B 40ms
39ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 8BEA 0
0 46ms
45ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CrUPYeZV5YZSSMpDZx_AP-Myh8AWuxYGFZvLW1fHrDoKrnv7aKRABINKhqR9gyQagAZTcuPsCyAEFqAMBmAQAqgSmAk_QHdn2rlsN2Hj1MoBPNobshw5MyxKLjrLBViW1qHmBaZFG9rtNRQdbjtT6qWo4kX9cToIPQXM3D-hNLppiOSPRv3ubRiydArJFnQQJia5VzK7Nubw4n5lAw1poGJP0IDCK1Qg3tivS7eFjZQ0I-NOLzQbtCcEXib-NJAvgqKOiAa36eMHQpW6K_7WkVFurT_2hbpHDp1OsEND3H_mpn9pP06DPUcF9gGvzSlBGdgW6F_JNJAZkwiZOPKPB6x_Zys25sR__wYG0yYYG-4HUYK3pEfS4UeFRuGyxNELvT0gKoNkkZMkVfE_mXHvqLx7DyFyhMSbJGlTSEAIuOx_T6gHq9HCt7TdDkKZYeIuHOpkDmlBVAhRK3Hxx9qFkLwZJ5yNc0HvcLsAE5_OazOED4AQDiAWVweKPOJIFBAgDGAGSBQYIGxADGAOSBQsIIhADGANI19GeAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH1KPHhAGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwsQ3KejBBjHs9e4AdIIBwiAYRABGB2ACgPICwGwE9Lrhw3IE9rKxt4D0BMA2BMDiBQB2BQB0BUBgBcBshceChwIABIUcHViLTYzMzA3OTEwOTQyNjAxNDkY3ugU&sigh=TJMyGIJ4YNA&cmd=Ch1jYS12aWRlby1wdWItNjMzMDc5MTA5NDI2MDE0ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSKQCNIrLMS4rB0_xja4sA8tOpXcy3W7VjRfbB7CXl48gyMFnBtIWZryWh&vt=10&sdkv=h.3.486.2&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTU4NTkxNjMwMTRA2gIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTA2MDUwNjAyCTE2MDQ0MzQ3NEAyCmsIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNTEwNjA1MDYwMgkxNjA0NDM0NzRAuAFSKiUAAPBBKAE6DVBIUkUzMDAxQjA3MURCDkdEQ01fM1JEX1BBUlRZUABgAhgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 197ms
197ms Image
image/png 200.147.166.104
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003220;ord=1635358074336
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.104 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: t.dynad.net
Software: D3-FE15 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: D3-FE15
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.545 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Wed, 27 Oct 2021 18:07:54 GMT

GET
H2 200 vpaid.2021.10.04-08.57-25eef18.js Show response
static.adsafeprotected.com/ias/v1/ Frame E105 176 KB
176 KB 34ms
33ms Script
application/javascript 52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 5acfc22b6bccdd38335fb6f7c6960a79ab031522ca836c6027df46e815a50d1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
last-modified: Mon, 04 Oct 2021 15:11:56 GMT
server: nginx/1.16.1
age: 479544
etag: "32cdd68901ce663c7a1a2ff7d1f61273"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 179718

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
444 B 9ms
9ms Image
image/gif 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1635358074348&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1635358074348
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: nrK19CntiGXyvY0h02ezd5pymuWX1J6YuzO0T4sv3XH6lzZNoEJfAw==

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 198ms
197ms Image
image/png 200.147.166.104
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003219;ord=1635358074349
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.104 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: t.dynad.net
Software: D3-FE15 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
server: D3-FE15
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.545 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Wed, 27 Oct 2021 18:07:54 GMT

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/842139/58054202/ Frame E105 40 B
390 B 105ms
36ms XHR
application/javascript 54.171.104.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/842139/58054202/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fimasdk.googleapis.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fjs%2Floader20.html%3Fhttps%3A%2F%2Fstatic.adsafeprotected.com%2Fias%2Fv1%2Fvpaid.2021.10.04-08.57-25eef18.js&adsafe_type=d&adsafe_jsinfo=br:c
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.104.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-104-28.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
content-encoding: gzip
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://tpc.googlesyndication.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/842139/58054202/ Frame E105 229 KB
76 KB 35ms
34ms Script
application/javascript 52.30.120.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/842139/58054202/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.120.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-120-14.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f96625455b6fb1d1f054ee573226695413ea2e8ffe5f1844b0cd6ace9ed8b950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/842139/58054202/ Frame E105 92 B
315 B 41ms
40ms Script
application/javascript 52.30.120.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/842139/58054202/skeleton.js?ias_callback=__IntegralAS_861b66384c0a560d211c22f517701089_7489&videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fimasdk.googleapis.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fjs%2Floader20.html%3Fhttps%3A%2F%2Fstatic.adsafeprotected.com%2Fias%2Fv1%2Fvpaid.2021.10.04-08.57-25eef18.js&adsafe_type=d&adsafe_jsinfo=,id:861b6638-4c0a-560d-211c-22f517701089,c:sgJ2mh,sl:na,em:true,fr:false,thd:1,mn:app03ie,pt:2-5-15,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:4,fm:sN47OUQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:18,oid:ce9698ce-3750-11ec-842a-0a6fa201f3de,v:19.8.256,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/842139/58054202/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332&adsafe_par=&logTestResults=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.120.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-120-14.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea12ec4b7dd7bbd7ee0544a3b7b5ce6e1bd5170b99ad50b147f80f755f36cd78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
content-encoding: gzip
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame AD66 80 KB
21 KB 33ms
32ms Script
application/javascript 52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 5789629
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame E105 43 B
301 B 90ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=842139&asId=861b6638-4c0a-560d-211c-22f517701089&tv=%7Bc:sgJ2mN,pingTime:-3,time:49,type:v,clog:%5B%7Bpiv:-1,vs:n,r:v,w:350,h:196,t:17%7D,%7Bpiv:0,vs:o,r:l.v,t:49%7D%5D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:49,n:49,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~350.196%5D%7D%7D,%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~350.196%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:fwjsvid,dtt:0,fm:sN47OUQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:54 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame E105 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=842139&asId=861b6638-4c0a-560d-211c-22f517701089&tv=%7Bc:sgJ2mO,pingTime:-6,time:50,type:i,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:50,n:49,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~350.196%5D%7D%7D,%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~350.196%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:fwjsvid,dtt:0,fm:sN47OUQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,rmeas:1,rend:1,renddet:env%7D&tpiLookup=ao:www.gazetadopovo.com.br*%2Cs.dynad.net*%2Cimasdk.googleapis.com*&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:54 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame E105 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=842139&asId=861b6638-4c0a-560d-211c-22f517701089&tv=%7Bc:sgJ2mW,pingTime:-2,time:58,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:183,beZ:184,mfA:188,cmA:189,inA:189,inZ:192,prA:192,prZ:197,si:201,poA:202,poZ:221,cmZ:221,mfZ:221,loA:233,loZ:235,ltA:241,ltZ:241%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:350.196,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:v,w:350,h:196,t:17%7D,%7Bpiv:0,vs:o,r:l.v,t:49%7D%5D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:58,n:49,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~350.196%5D%7D%7D,%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B9~0%5D,as:%5B9~350.196%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:fwjsvid,dtt:0,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1a4%7C1b.220584-56772992%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:env,sinceFw:38,readyFired:true%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:54 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8BEA 41 KB
15 KB 8ms
7ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 09:19:08 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8BEA 42 B
64 B 39ms
39ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=COr8feZV5YZSSMpDZx_AP-Myh8AWuxYGFZvLW1fHrDoKrnv7aKRABINKhqR9gyQagAZTcuPsCyAEFqAMByAMTmAQAqgSpAk_QHdn2rlsN2Hj1MoBPNobshw5MyxKLjrLBViW1qHmBaZFG9rtNRQdbjtT6qWo4kX9cToIPQXM3D-hNLppiOSPRv3ubRiydArJFnQQJia5VzK7Nubw4n5lAw1poGJP0IDCK1Qg3tivS7eFjZQ0I-NOLzQbtCcEXib-NJAvgqKOiAa36eMHQpW6K_7WkVFurT_2hbpHDp1OsEND3H_mpn9pP06DPUcF9gGvzSlBGdgW6F_JNJAZkwiZOPKPB6x_Zys25sR__wYG0yYYG-4HUYK3pEfS4UeFRuGyxNELvT0gKoNkkZMkVfE_mXHuyLrTtyW4FCrQp8qKp2PRCsoCIbJ7HLLCANd9pjazccaKfuV7bt4i3rABkxInvcfrikqhdyzu-DZWn5gFo-cAE5_OazOED4AQDkAYBoAZOgAfUo8eEAagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPS64cN0BMA2BMDiBQB2BQB0BUBgBcB&sigh=-O89cnhpds4&label=vast_creativeview&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D775%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635358074552%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1635358074332&sdkv=h.3.486.2&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTU4NTkxNjMwMTRA2gIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTA2MDUwNjAyCTE2MDQ0MzQ3NEAyCnAIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNTEwNjA1MDYwMgkxNjA0NDM0NzRAuAFSLxAEJQAA8EEoAToNUEhSRTMwMDFCMDcxREIOR0RDTV8zUkRfUEFSVFlI-AFQAGACGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame A3E1 0
17 B 44ms
29ms Ping
image/gif 74.125.133.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kv9tz137&c=1995050428252&slotId=997525214126&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.133.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,... Frame A3E1
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/id,itag,source,ctier,ip,ipbits,expire/signature/8DE0CC82...
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,m...

32 KB
0

125ms
68ms

Media
application/octet-stream

173.194.187.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/832428A60017D32F18C61B663BC6453510ADEC1C.0B834FA67CC1DB177A33EB42A35E93D2CE5F1A41/key/cms1/cms_redirect/yes/mh/t8/mip/216.131.114.229/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1635357639/mv/m/mvi/5/pl/24/file/file.mp4

Protocol

HTTP/1.1

Server

173.194.187.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s40-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Oct 2021 15:58:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Content-Range: bytes 0-94744125/94744126
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 94744126
Expires: Wed, 27 Oct 2021 18:07:54 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/832428A60017D32F18C61B663BC6453510ADEC1C.0B834FA67CC1DB177A33EB42A35E93D2CE5F1A41/key/cms1/cms_redirect/yes/mh/t8/mip/216.131.114.229/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1635357639/mv/m/mvi/5/pl/24/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 632
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2951 23 KB
9 KB 7ms
7ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 21 Oct 2021 23:51:44 GMT
expires: Fri, 21 Oct 2022 23:51:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 497770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2951 35 KB
13 KB 14ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 09:25:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE8F 42 B
64 B 61ms
47ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU3Cx4ObI0BjvlpiHKWKvmWVcRaNXTMBNo1lsV1YgzGK5MaO3UBq9siiJ9ZKNehfr_kyylDc5VpqePluAlrUIo7CRUWZNAYnrViHQK5WXYw0rESBc&sai=AMfl-YTOnIuTRIJq4-eEw5gl8xb_5vGwxC5ldTw1g_d2jePs_qBbEElupC_rxv7muY7w00PCPLyEOwxu_4c1j5N5piYUolQv_n1ktFyzUhu4VMU0ruMut80SRAXGA-_d&sig=Cg0ArKJSzEikaAXw0gZjEAE&cid=CAASEuRoP-nR9Yv0kuQNJ4FONgAaMQ&id=lidar2&mcvt=1013&p=190,436,284,1164&mtos=0,1013,1013,1013,1013&tos=0,1013,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1651446792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635358072333&rpt=1369&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E93 42 B
64 B 61ms
47ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrvn1ePjNdv7C6ofMILTB7-0dQtQd2ab9yMoSkHbybwYQnwXNo-ADZU0xmBuzZBgIG1j9LtI3dg1Xh--kh1Q9apn8bonaUU1G-YpoK-g65Up4sXzo&sai=AMfl-YT-IUNK3cLfwlNkWaansFBq2JN6jr2_k47KAeAyzx31DGHqmm44qEYbVHbiKthNn_G7NfEBjo_iz1UE1xwl99N5AERsOhcypELryQ5LEqXkF75KtwqPiU9NgXzr&sig=Cg0ArKJSzMvxjpOT_8mAEAE&cid=CAASEuRogpEbwN1j2RAGusUFJwW1nw&id=lidar2&mcvt=1000&p=1100,436,1194,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2713759382&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635358072394&rpt=1321&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2951 0
20 B 49ms
48ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.486.2&bgai=BqkwpepV5YdeEBMbibdT3h7APAAAAADgB4AQC&bg=!q6ilqOzNAAbUs_yW1LM7ACkAdvg8WmrwKUWS3YFEIj6UjYk0Rq0fDcx901icxp4slPfgG9QFqnvU1QIAAABjUgAAAAxoAQcKAE9ZwkC5DMbFh_rnenyZOSJpE9J2m-laoVjsZO35gbvnJjT6-hLYPxzhGSQqkW7E1r74Dw6qqXI8xkZ4lfTab-BSO99S06n1OsX85RY33MgKmQL4zPPZ5vBXSoU2LP7rM7bNdYvc24eUhj1G-gcmrmzCEdCFIqiJ_6EQ-BreaODkywQPznJphxYbskuHjJTSi5hW0W1DGXXt5OMFYVjqFnMT4ocf5AnK7Lwuw1zS56iBbPHfFZa7-NvfZEnVmxglL3CHBDCtM6dac9hKUYnT1jA6O35EHMnZTkxv1SDU3PwVh8c0HMGI_q9K1qd5J0XyTp6c9s_Jitv7zM5PkVW_tDSjtQvsNRrKXnA1hK5XCSdxJgtT3kPArYtk5YcFBO_BtaEDkPeMavArqU6oh2GSVqjqiqUc-zmsUJbrvHPY_HUaQdYDRsNg2zk0zhf9yHEvh2CtYsd3rhkiG63LDwA55zMY0bJXoXJ4LcsxfedeiFX2Enoo5_jAtW_ryYKViOmqXLqjrWOXWh4btrVSmOLKTBzAXHVI7CcCAvhfNo3eelJiirHEpAxNCVHCXNMqs89yr78cX9fAElLa3IWPSoiMpI1d238S4UgIIDjs2maGSKF6lTnZrqH0h7g5_hS17bn0-uO65Apqh44JNf-77msGk5XU2fkDPwL0BTeNrQKzrphaMqFbx7osL8UauZKOSYgLEuIYsd3kgpQ_hnYImrnrP4oHi-8k1vrpI8aOap--90B4p0cZcoh1P3S9dtEZDSI5WUQgG0bHV32lsO4gncTqIPBcHnElT9hKGKYSE0BfynqPJ-bAvuigIgT1yDGboK60-sGpuOoNHxKpQzgD-kkX9_X3Kf_3rtuUxgU3fkxfhxh9Ncq4H2VSVju1GtHcTplX7RZxKFJx3NPHewKK_SYxPqObJqmHt9iiv-LE7PJpjqH6PU3rM9bZfIdwZ_Ik6Z-RE2NAusfYRwvlTuAsvrnBYOUSmgAmfVchUVMxM5qp78YLYd8duJFQpByO4RY_5bme6Drdy3tdDJ65_rMYtzk1N7XHBZTaXv0FZGL3cDNUPQmQbpgiQmGHkhJNRUr22tJRSzndmvx8ybDch5s9MenFlbiOjOwKdCT44w05PA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,... Frame A3E1 12 KB
12 KB 80ms
59ms Media
application/octet-stream 173.194.187.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.187.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s40-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

58633a0041a265546c1fa1e50e99025ac0ae98ed7330183de3c28ad637da4a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=94732288-

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 15:58:46 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 94732288-94744125/94744126
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 11838
expires: Wed, 27 Oct 2021 18:07:54 GMT

GET
H3 206 file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,... Frame A3E1 3 MB
0 18ms
18ms Media
application/octet-stream 173.194.187.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.187.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s40-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=32768-

Response headers

date: Wed, 27 Oct 2021 18:07:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 15:58:46 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 32768-94744125/94744126
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 94711358
expires: Wed, 27 Oct 2021 18:07:54 GMT

GET
H3 206 file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,... Frame A3E1 64 KB
0 27ms
27ms Media
application/octet-stream 173.194.187.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.187.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s40-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=32768-

Response headers

date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 15:58:46 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 32768-94744125/94744126
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 94711358
expires: Wed, 27 Oct 2021 18:07:55 GMT

GET
DATA 200
OK truncated
/ Frame A3E1 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 206 file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/0337288effaa4068/itag/15/source/doubleclick_dmm/ctier/L/ip/0.0.0.0/ipbits/0/expire/3779625545/sparams/ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,... Frame A3E1 55 MB
0 20ms
19ms Media
application/octet-stream 173.194.187.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.187.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s40-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=3473408-

Response headers

date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 15:58:46 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 3473408-94744125/94744126
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 91270718
expires: Wed, 27 Oct 2021 18:07:55 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame E105 35 B
174 B 35ms
34ms Image
image/gif 108.128.115.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY2IiOjE2MzUzNTgwNzUzMDIsImlhc19zaW5nbGV0YWciOnRydWUsImlhc19zaW5nbGV0YWdfb3V0Y29tZSI6MTksImhlYWRlcnMiOnsiaGVhZGVyOCI6Imlhc28ifSwiY3VzdG9tIjp7ImN1c3RvbTciOiI4NDIxMzkiLCJjdXN0b204IjoiNTgwNTQyMDIiLCJjdXN0b20xMSI6IjIwMjEuMTAuMDQtMDguNTctMjVlZWYxOCIsInhzaWQiOiIxMjBlNDJlZC1hZTA2LTQ3YWEtYTUyOC01OTJmNThmNDAzMzIifX0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.115.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-115-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:55 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/ Frame E105
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/842139/58054202/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=A...
https://static.adsafeprotected.com/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUh...

17 B
17 B

44ms
43ms

Image
application/javascript

52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332
Protocol: H2
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:55 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 1217448
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=e315c971a10e8643d0c1c84c58c7f70a&apiframeworks=2,8&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0&xmapp=0&xmtp=v&xsId=120e42ed-ae06-47aa-a528-592f58f40332
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMI16nXyJfr8wIVRnEbCh3U-wH2EAAYACDS2MBMQhMI1LLIyJfr8wIVkOwRCB14Zghe;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 8BEA 42 B
107 B 77ms
46ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI16nXyJfr8wIVRnEbCh3U-wH2EAAYACDS2MBMQhMI1LLIyJfr8wIVkOwRCB14Zghe;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D775%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1635358075313%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1635358074332;dc_rfl=1,https%253A%252F%252Fwww.gazetadopovo.com.br%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8BEA 42 B
64 B 40ms
39ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=COr8feZV5YZSSMpDZx_AP-Myh8AWuxYGFZvLW1fHrDoKrnv7aKRABINKhqR9gyQagAZTcuPsCyAEFqAMByAMTmAQAqgSpAk_QHdn2rlsN2Hj1MoBPNobshw5MyxKLjrLBViW1qHmBaZFG9rtNRQdbjtT6qWo4kX9cToIPQXM3D-hNLppiOSPRv3ubRiydArJFnQQJia5VzK7Nubw4n5lAw1poGJP0IDCK1Qg3tivS7eFjZQ0I-NOLzQbtCcEXib-NJAvgqKOiAa36eMHQpW6K_7WkVFurT_2hbpHDp1OsEND3H_mpn9pP06DPUcF9gGvzSlBGdgW6F_JNJAZkwiZOPKPB6x_Zys25sR__wYG0yYYG-4HUYK3pEfS4UeFRuGyxNELvT0gKoNkkZMkVfE_mXHuyLrTtyW4FCrQp8qKp2PRCsoCIbJ7HLLCANd9pjazccaKfuV7bt4i3rABkxInvcfrikqhdyzu-DZWn5gFo-cAE5_OazOED4AQDkAYBoAZOgAfUo8eEAagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBPS64cN0BMA2BMDiBQB2BQB0BUBgBcB&sigh=-O89cnhpds4&label=part2viewed&ad_mt=155&acvw=sv%3D904%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D775%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1635358075313%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1635358074332&sdkv=h.3.486.2&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTU4NTkxNjMwMTRA2gIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTA2MDUwNjAyCTE2MDQ0MzQ3NEAyCnAIARIbdW5pZmllZC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNTEwNjA1MDYwMgkxNjA0NDM0NzRAuAFSLxAEJXE98EEoAToNUEhSRTMwMDFCMDcxREIOR0RDTV8zUkRfUEFSVFlI-AFQAGACGAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BEA 0
20 B 46ms
46ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8BEA 0
542 B 152ms
90ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-H1MfN0MoygtfjW3n1XxPCz-9apg1ouCCc23wPwdS8oftqGCwo4ggw-o7qQslshI1zBZ_prQjvFAu6DFYL_OkgMTrIXG4LA7dn-U0BBJunXcwk3wmnkaFBLmNIZ3Kajmg7xRIX7f2YK68eUkdVIbfHd0Ma513j9HKkP1GpyNXtiu-7wmlCd43QQc5FjN3TZvcyHfeT6ipWKyjpdb0-U0i1VZnmmx_kEWBowU2HC1VsZ42kxEQOnN5D1TdphiQpsqGyjKfiWwvJm0chWTvxZ8TXx2olWvM9zrI-VsI0N_4YoWtrok9SO95czOUOr1gTzaSoFe9g4CCf7Xb4bwefbhzM1ZCcfeNJ40BZ8iawi3ZaE9EjIAWQIXE88E377e8U1yXWGpz1O9Ktva0QpZTKmxHuF9aNVzBz6YnglLqgy65tQYK33MnE1McSXAZKO2ylN3HufkRRPxGB3s5P-C1WWS5KrqkrIFj1ZcQPDWusrCfKsQ2HAaWPuvMtOsa4UiLzavXHzfXGy0oMxcmg2_1w_y4VibAqhJFNZS6dnHl6Ggy-VXTOjNQpSGoROh118RAaemnyGzTMB7njU-l1V2wS2FmK2pNZwyVfpgUSc-prwlXF3UL8t7XeQ9tYJiwSHKBICdgJokYmyG7NEh1c1DNLyDg2jTlGotawnC-09WHfYb1JrLXzdzAWATjvY4CfxlycmOS0Y9Ny7TL9sn7p4cb-M7yBP_7BVigHCynK_ETqEzkaQQD1eLt_fEAH41_91sULvSFi_uGA8ti5N7RPcUxGjriqMkV4rnVEB5nrBLD835CqEQVmyrvzvx0Xnn6YifqbQS8nU1z3GFyaoyqHMIvFKgGMJ4RTbdCD6r_tp1599tpseYRkXq3-zMnvV7QNmR4aBwh4Kr1nSWU8kgQzr9jpTPf1r28V-yIUgiVvzIUQKWVNdR83Whx38Ea4kvpiaqpjC1G9AOo7zUxd6mChBXcK8Ht5y8gdnaeFUZx2Gh97q4_joCT7Dxz7FrrfFyu2WXuvZiheQM9v_nWr95jNkLb2kTJlGSMPHd-Tr6RKm-kNxCTaXL5nRC8-9t8dMwh_ivX1sCQKdoGWNrIsH3W0PFZGkSl54KRVRa97m91YeEW4WE1tan9JthMP6_Wq0wJ1Zw2_mZmCI7n0vcGaB6HF807c629eLsF4vAxUaoj0k6SJuHmdEN8fhQ0-MgCT1vr5LeWyMIXMP5vaJ9g-rqulAXckLVNbJBFowMjmJJeEwQJbfsdWmGe8aYehlgOlc879p4Igk0CggsDs-DxX7DypQSM7EA4JPRnN_wffrud4xEuVLXjeu6hOgxj1Vmv1W4&sai=AMfl-YSi2rhnWlOLqe-X2iP8czWGM8UpoL2mr-V__rDxY-qQ_lADQP4l8ffFmzs39_s75B9nuv1AaCmNDxJXnTspPmf6OOIZVwbyceGRpEabXQuqklN4A0iiE_xidSFAb3RywLpeQ63Z1gFJdtF00HJQbyeUePQOcsQIg31BWZ_LVPU-_vxvQvAtng&sig=Cg0ArKJSzBLsQibXcfOoEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.486.2&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 27 Oct 2021 18:07:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 8BEA 0
338 B 101ms
28ms Image
text/plain 52.17.176.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rl61v964u&campaignid=26545522&advertiserid=2301899&placementid=318098738&adid=510605060&creativeid=160443474&siteid=6673369
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.176.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1635358075
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 8BEA 0
0 28ms
25ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLtrwEQ1OW0ARjHs9e4ASABMAE&v=APEucNUIgAEfUFwlObLQkfKxJ5Nc2OQ1at2IqfiosQbZ84rOWV2Qc0bIXvyV-o4Ss15_XAogdZgi4BhIZcjlIUpoaD1whqIhlg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 8BEA 43 B
66 B 23ms
8ms Image
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 12:27:01 GMT
x-content-type-options: nosniff
age: 20454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Oct 2021 12:27:01 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 8BEA 35 B
174 B 290ms
269ms Image
image/gif 108.128.115.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI4NDIxMzkiLCJjdXN0b204IjoiNTgwNTQyMDIiLCJ4c2lkIjoiMTIwZTQyZWQtYWUwNi00N2FhLWE1MjgtNTkyZjU4ZjQwMzMyIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiItMSIsImhlYWRlcjQiOiIyLDgiLCJoZWFkZXI1IjoiW0JVTkRMRUlEXSIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2MzUzNTgwNzQyNjgyMDUzNTgiLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZQQUlEX19XRUJfUFhMIn0=&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.115.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-115-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 18:07:55 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 8BEA
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/842139/58054203/skeleton.gif?xmtp=v&xmapp=0&xsId=120e42ed-ae06-47aa-a528-592f58f40332&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AK...
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=120e42ed-ae06-47aa-a528-592f58f40332&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhU...

43 B
258 B

33ms
33ms

Image
image/gif

52.50.59.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=120e42ed-ae06-47aa-a528-592f58f40332&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&sdkv=h.3.486.2&adurl=&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0
Protocol: H2
Server: 52.50.59.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-59-60.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:07:55 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 22616030
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=120e42ed-ae06-47aa-a528-592f58f40332&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudExggkB8oel7IyUhUbnZTGUVMhsVsazAZyxh6UZH-wz_LPlYvg9SDjM0U5ZJRP4ms1k2X4psQY6f3st4ooDifxoEPguAwOx-Fzd3j43kdBL2JEcjSwztGXCzx6Kbrck_GM3nPJwMvfvpQ5DSGJcm-vOMOluq8lTUoB7Nkv4ijm6f5Un-BYsbEt2-zwGsfL5p_4DWSRGMW&sai=AMfl-YSR4a3-fj1wvxNGO__JDYknlx9rOhJkEoezxJUNHA1M1p0M49jfr8oa0RqSvBMbKgGndZGJKfau8qZBH8Fk4VeJFkG4egvU6UzF9zAxPvposo_67da4iRqq55V-4Q&sig=Cg0ArKJSzJxcIjmoUFveEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&urlfix=1&vt=13&sdkv=h.3.486.2&adurl=&ias_xappb=[ctv_appid]&mon=58054203&redirectedRetries=0
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMI16nXyJfr8wIVRnEbCh3U-wH2EAAYACDS2MBMQhMI1LLIyJfr8wIVkOwRCB14Zghe;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 8BEA 42 B
465 B 70ms
45ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI16nXyJfr8wIVRnEbCh3U-wH2EAAYACDS2MBMQhMI1LLIyJfr8wIVkOwRCB14Zghe;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D775%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1635358075311%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1635358074332;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8BEA 42 B
64 B 58ms
54ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstavDej8ITTmob71jkfHWw_-kMc8ph-xe8w-zLy1DJunXJm5sQr4agHxV7TVww2Aeglmi5BKWqf34ImM_1BqVCxZ7EC3YA8OK3deonAxgIm1xmxBkA&sai=AMfl-YSsxpnNhjPaPjRfjVRyvINik3_3lX_EMwa5DsEZxtEGM9vZtBCkNnk6gMsFfL7uscFrsf4XXZT5y84oQswHoV4XurEvWdrAOF0&sig=Cg0ArKJSzN4glFqxeLBZEAE&cid=CAASEuRoDNanO6lZbzyQ-qHdWU5tCw&id=lidarv&acvw=sv%3D904%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D775%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1635358075311%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1635358074332&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ2Gm,pingTime:1,time:2439,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1438%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1438,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1431~0,0~100%5D,as:%5B1431~728.90%5D%7D%7D,%7Bsl:i,t:1438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:92,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:55 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ2Gm,pingTime:1,time:2439,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1438%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1438,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1431~0,0~100%5D,as:%5B1431~728.90%5D%7D%7D,%7Bsl:i,t:1438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:92,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:55 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ2GP,pingTime:1,time:2417,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1006,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:94,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:55 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ2GQ,pingTime:1,time:2418,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1007,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:94,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:55 GMT
X-Server-Name: dt47.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame E105 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=842139&asId=861b6638-4c0a-560d-211c-22f517701089&tv=%7Bc:sgJ2N5,pingTime:-10,time:1679,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1635358073936%7C%7C9e23582270691c05e68ba5273682f11a%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C5b482daccc7d28d4c5af07934ea454d4%7C%7Cf002a340721bee8c66018d6955595e31%7C%7C76b92a55d99010a2f24e323b51623aff%7C%7Cb686b12c6bc4b9dddf246f3e2a579df5%7C%7C13548ceed54a4673194c61213a252f11%7C%7C1629390669,sca:%7Bspg:d722542d-ea6e-1a51-410b-a5cac6f2fcdd%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:56 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 dc_oe=ChMI16nXyJfr8wIVRnEbCh3U-wH2EAAYACDS2MBMQhMI1LLIyJfr8wIVkOwRCB14Zghe;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2007,0,0,0,0%26mtos%3D2007,2...
ade.googlesyndication.com/ddm/activity/ Frame 8BEA 42 B
63 B 61ms
43ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI16nXyJfr8wIVRnEbCh3U-wH2EAAYACDS2MBMQhMI1LLIyJfr8wIVkOwRCB14Zghe;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2007%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1450%26pst%3D201%26vpaid%26dur%3D30030%26vmtime%3D2155%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2007%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D775%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D1635358077318%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1635358074332;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8BEA 42 B
64 B 57ms
57ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstavDej8ITTmob71jkfHWw_-kMc8ph-xe8w-zLy1DJunXJm5sQr4agHxV7TVww2Aeglmi5BKWqf34ImM_1BqVCxZ7EC3YA8OK3deonAxgIm1xmxBkA&sai=AMfl-YSsxpnNhjPaPjRfjVRyvINik3_3lX_EMwa5DsEZxtEGM9vZtBCkNnk6gMsFfL7uscFrsf4XXZT5y84oQswHoV4XurEvWdrAOF0&sig=Cg0ArKJSzN4glFqxeLBZEAE&cid=CAASEuRoDNanO6lZbzyQ-qHdWU5tCw&id=lidarv&acvw=sv%3D904%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2007%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1450%26pst%3D201%26vpaid%26dur%3D30030%26vmtime%3D2155%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2007%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D775%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D554406312%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D1635358077318%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1635358074332

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 18:07:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame E105 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=842139&asId=861b6638-4c0a-560d-211c-22f517701089&tv=%7Bc:sgJ39m,pingTime:2,time:3060,type:p,clog:%5B%7Bpiv:-1,vs:n,r:v,w:350,h:196,t:17%7D,%7Bpiv:0,vs:o,r:l.v,t:49%7D,%7Bpiv:100,r:v,t:59%7D,%7Bvs:i,r:,t:863%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:62,tp:adLoaded,sl:o,ad_duration:30,width:350,height:196,volume:-2%7D,%7Bt:64,tp:adStarted,sl:o,ad_duration:30,width:350,height:196,volume:-2%7D,%7Bt:568,tp:adDurationChange,sl:o,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:818,tp:adImpression,sl:o,ad_duration:30.03,width:350,height:196,volume:-2,integral_timeToDecision:108,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:818,tp:adVideoStart,sl:o,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:819,tp:adRemainingTimeChange,sl:o,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:1818,tp:adRemainingTimeChange,sl:i,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:2818,tp:adRemainingTimeChange,sl:i,ad_duration:30.03,width:350,height:196,volume:-2%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2197,o:863,n:49,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~350.196%5D%7D%7D,%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B10~0,804~100%5D,as:%5B814~350.196%5D%7D%7D,%7Bsl:i,t:863,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2197~100%5D,as:%5B2197~350.196%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:fwjsvid,dtt:91,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1a4%7C1b.220584-56772992%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:57 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame E105 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=842139&asId=861b6638-4c0a-560d-211c-22f517701089&tv=%7Bc:sgJ39n,pingTime:2,time:3061,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:v,w:350,h:196,t:17%7D,%7Bpiv:0,vs:o,r:l.v,t:49%7D,%7Bpiv:100,r:v,t:59%7D,%7Bvs:i,r:,t:863%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:62,tp:adLoaded,sl:o,ad_duration:30,width:350,height:196,volume:-2%7D,%7Bt:64,tp:adStarted,sl:o,ad_duration:30,width:350,height:196,volume:-2%7D,%7Bt:568,tp:adDurationChange,sl:o,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:818,tp:adImpression,sl:o,ad_duration:30.03,width:350,height:196,volume:-2,integral_timeToDecision:108,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:818,tp:adVideoStart,sl:o,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:819,tp:adRemainingTimeChange,sl:o,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:1818,tp:adRemainingTimeChange,sl:i,ad_duration:30.03,width:350,height:196,volume:-2%7D,%7Bt:2818,tp:adRemainingTimeChange,sl:i,ad_duration:30.03,width:350,height:196,volume:-2%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2198,o:863,n:49,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:-1,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~350.196%5D%7D%7D,%7Bsl:o,t:49,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:100,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B10~0,804~100%5D,as:%5B814~350.196%5D%7D%7D,%7Bsl:i,t:863,wc:0.0.1600.1200,ac:NaN.NaN.350.196,am:v,cc:NaN.NaN.350.196,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2198~100%5D,as:%5B2198~350.196%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:fwjsvid,dtt:91,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911*.842139-58054202%7C192%7C193%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1a4%7C1b.220584-56772992%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1911*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:57 GMT
X-Server-Name: dt47.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ3IS,pingTime:5,time:6439,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1438%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1438,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1431~0,0~100%5D,as:%5B1431~728.90%5D%7D%7D,%7Bsl:i,t:1438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:96,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:59 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame EE8F 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=742748&asId=d722542d-ea6e-1a51-410b-a5cac6f2fcdd&tv=%7Bc:sgJ3IS,pingTime:5,time:6439,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1438%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1438,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1431~0,0~100%5D,as:%5B1431~728.90%5D%7D%7D,%7Bsl:i,t:1438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:96,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.742748-55595045%7C1a1%7C1a2%7C1b.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:59 GMT
X-Server-Name: dt47.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 90ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ3Jh,pingTime:5,time:6413,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:91,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:59 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 0E93 43 B
301 B 88ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=220584&asId=9deb46d7-d6c0-ce6d-b9a4-48d025ec3891&tv=%7Bc:sgJ3Ji,pingTime:5,time:6414,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5003,o:1411,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:1411,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:91,fm:sN47OBR+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a.742748-55595045%7C1a1%7C1a2%7C1a3%7C1b*.220584-56772992%7C1b1%7C1b2%7C1911.842139-58054202,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 18:07:59 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

OPTIONS register
events-api.gazetadopovo.com.br/ Frame 0
0

POST register
events-api.gazetadopovo.com.br/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/stories/flamengo-x-athletico-escalacoes-provaveis-como-assistir-data-e-horario-copa-do-brasil.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/stories/o-que-esta-em-jogo-para-o-athletico-na-semifinal-contra-o-flamengo.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/contra-o-flamengo-furacao-nao-e-franco-atirador.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/com-dois-titulares-remanescentes-athletico-busca-repetir-historia-no-maracana.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/coritiba-empata-em-maceio-e-ja-pode-marcar-o-dia-da-volta.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/luizao-assina-renovacao-com-o-coritiba-feliz-e-motivado.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/careca-do-talco-torcedor-fluminense.json

Domain: apps.gazetadopovo.com.br
URL: https://apps.gazetadopovo.com.br/cxense/cxense.json

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEFJSRKhkX4OSYzy51rkkxls&google_cver=1&google_push=AYg5qPILS-OjdZvKFumGapNLDwSfZcoHT_OsVoJ_aFxvVRknryoi8wKZvB0CdTc9bYc4-TYwipS4SZTXwHw0m79iNW0o2UWbG_RQ2w

Domain: events-api.gazetadopovo.com.br
URL: https://events-api.gazetadopovo.com.br/register

Domain: events-api.gazetadopovo.com.br
URL: https://events-api.gazetadopovo.com.br/register

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gazetadopovo.com.br/	1970-01-20 15:47:10	Name: _ga Value: GA1.3.2019788381.1635358067
.gazetadopovo.com.br/	1970-01-19 22:17:24	Name: _gid Value: GA1.3.129509643.1635358067
.gazetadopovo.com.br/	1970-01-19 22:15:58	Name: _gat Value: 1
.gazetadopovo.com.br/	1970-01-20 00:25:34	Name: _gcl_au Value: 1.1.1527811260.1635358068
.gazetadopovo.com.br/	1970-01-19 22:15:58	Name: _dc_gtm_UA-23088598-1 Value: 1
.google.com/	1970-01-20 02:39:29	Name: NID Value: 511=nFB7oh1d7_7lATs-S3vzTLdUzS-t0XSAOd8naWNgNyVgNhKl2_1BxlRIN5pcyNK1WJqj7h7d3vdgW1dGKLqHfkZtA7PrVnk0u18OPuF_mQAVksS3vzSNMNOkbyR6tBhXeaVyopbLEHx9N2xn7gb0Bbes017qcmWt0xAciJm9y7k
.scorecardresearch.com/	1970-01-20 15:32:46	Name: UID Value: 1UYO16SEMCGGS6RJPVTFDKg1635358068
.navdmp.com/	1970-01-20 07:01:54	Name: ac3 Value: 1
.gazetadopovo.com.br/	1970-01-19 22:15:58	Name: _gat_trackerInfocoder Value: 1
.navdmp.com/	1970-01-20 15:32:46	Name: nid Value: f989712427004bc9b94a9f39009\|0\|327
.gazetadopovo.com.br/	1970-01-20 07:01:34	Name: nvg38609 Value: f98971242436f623d795c7a1d09\|2_301
.gazetadopovo.com.br/	1970-01-20 00:25:34	Name: _fbp Value: fb.2.1635358068029.1876454375
.piano.io/	1970-01-19 22:15:59	Name: __cf_bm Value: mOLtLcoWIGJKWGMGf2f08O6hUL.woMqKx85sKW4aEPQ-1635358068-0-AQ8uzg83YXDGSbEQY+TLidqj9SdhB+k0aIp4tx1Q8Wbn2AoIs1tMx6wgwteKUoImhLg1B1lGFR9Kz40CG7/30aw=
.gazetadopovo.com.br/	1970-01-19 22:59:10	Name: __pat Value: -10800000
.twitter.com/	1970-01-20 15:47:10	Name: personalization_id Value: "v1_Cyd9Kj2DzkX79c2wvL26sA=="
.linkedin.com/	1970-01-19 22:59:10	Name: UserMatchHistory Value: AQIndiJlTYGZ7gAAAXzC782IUQX8a2zFCRhtkX06XTANeJAJsHZXLtguSiiIJqx6Z8_TTzUqsg5Ckg
.linkedin.com/	1970-01-19 22:59:10	Name: AnalyticsSyncHistory Value: AQLa-u3oCgzjmgAAAXzC782I1mBt2FfkuELdVIrHY7GzIM5R7pcAhkcTd32RJzNGul1C4yjBeIw-BMYLbg-sUQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:47:51	Name: bcookie Value: "v=2&ef1f869a-d257-4c1a-80ec-14c971564134"
.linkedin.com/	1970-01-19 22:17:24	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2470:u=1:x=1:i=1635358068:t=1635444468:v=2:sig=AQHUsBe3KAHV2qjlNvYYH6wdLUZUnqSU"
.gazetadopovo.com.br/	1970-01-19 22:17:24	Name: __pvi Value: %7B%22id%22%3A%22v-kv9tywu98nfm2la0%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1635358068419%7D
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:47:51	Name: bscookie Value: "v=1&20211027180748f1ccfd92-96f6-46e3-8c41-87c707414075AQESgNqFD2c-bcqisaSrJbR7c8CrBtgx"
.gazetadopovo.com.br/	1970-01-20 15:47:10	Name: __tbc Value: %7Bjzx%7DmTYUm08lJyHEWAs9ALXKQg8zqRDLWhJLK9KjLlAcZdSfpwRQ8R1d_1GBkmJ6tu5MNN-EC2DCw2YRca0qJoRrHANBBD0Vh_u2QoIU_SeHN-qo9SriaSSJ3RSmbRrVWGqFrLekaWLp0HLrVgUDnx8o0Q
.gazetadopovo.com.br/	1970-01-20 15:47:10	Name: xbc Value: %7Bjzx%7DVxnaH-1DYibYVAeG-2zM1Temd0PoAhrW5dnxKyw9qHmtWZDksf48AQ--5utc1dCIb7c-wsXaXBTVpEJe8GiQur3uATw26sEa3ZT171cLICoADCPr4GEEcfZ3p0O0Ss-wMEpuOF0blfTMnlfQhlDkp7B9k5a380QcDXsWdA28dzXpAM3m_52bnJrrnht3gazZspR4RRDPlYDav1Lr9wCvOtk6lOwPwRGJQ90_eNBIi07SA21ir0F1YSX6JuR0pC0JYNZqlqxA-NGNeucB0k8UjSYE7T_mg4b7Tknxe_dIWX5GZn8GuGVBXJRLKG2i22nGf_sMRgJrnyfipdYgGrZB5EHve02kHznMaEwh6td14-mZ0-RxzBEfuLiLp_ZWmQdq
.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: GPSDK_SESID Value: us-east-1-cb916ea0-3750-11ec-b3dc-0bec7bbf0bf8
.gazetadopovo.com.br/	1970-01-23 13:51:58	Name: GPSDK_TKTID Value: us-east-1-cb916ea0-3750-11ec-b3dc-0bec7bbf0bf8
.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: GPSDK_LOCCT Value: FRANKFURT%20AM%20MAIN
.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: GPSDK_LOCCY Value: GERMANY
.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: GPSDK_LOCRG Value: HESSEN
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: cX_S Value: kv9tyyjisqf9adwp
.gazetadopovo.com.br/	1970-01-20 07:01:34	Name: cX_P Value: kv9tyykyyvr63sbr
.umdoisesportes.com.br/	1970-01-23 13:54:50	Name: GPSDK_TKTID Value: us-east-1-cb916ea0-3750-11ec-b3dc-0bec7bbf0bf8
.umdoisesportes.com.br/	1970-01-19 22:15:59	Name: GPSDK_SESID Value: us-east-1-cb916ea0-3750-11ec-b3dc-0bec7bbf0bf8
.semprefamilia.com.br/	1970-01-23 13:54:50	Name: GPSDK_TKTID Value: us-east-1-cb916ea0-3750-11ec-b3dc-0bec7bbf0bf8
.semprefamilia.com.br/	1970-01-19 22:15:59	Name: GPSDK_SESID Value: us-east-1-cb916ea0-3750-11ec-b3dc-0bec7bbf0bf8
.cxense.com/	1970-01-19 22:17:24	Name: cX_T Value: kv9tyz248d7rvlmd
www.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: tt_c_vmt Value: 1635358071
www.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: tt_c_c Value: referral
www.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: tt_c_s Value: referral
www.gazetadopovo.com.br/	1970-01-19 22:15:59	Name: tt_c_m Value: referral
.t.tailtarget.com/	1970-01-19 22:18:50	Name: _ssc Value: y
.tt-10162-1.seg.t.tailtarget.com/	1970-01-19 22:59:10	Name: trk Value: jrk9kawXmL13o3g3ZbQ3CnGOT6shg5CVs3HDUqDjiqoMZuIL8apoCbZN9O+iTguo
.t.tailtarget.com/	1970-01-20 07:01:34	Name: u Value: fwAAAWF5lXZZ/wbUB52RAgB=
.gazetadopovo.com.br/	1970-01-19 22:26:02	Name: geoCapaGP Value: NACIONAL
.cxense.com/	1970-01-20 07:01:34	Name: gckp Value: cx:3z1z097j7jvo13gutf827qxcg:3o1aub4my0uhw
www.gazetadopovo.com.br/	1970-01-20 15:32:46	Name: _ttuu.s Value: 1635358070791
.gazetadopovo.com.br/	1970-01-20 07:01:34	Name: cX_G Value: cx%3A3z1z097j7jvo13gutf827qxcg%3A3o1aub4my0uhw
.udr.uol.com.br/	1970-01-20 07:01:34	Name: UOLID Value: 59e145a8-5c85-48fc-a1fb-d285959574b2\|0
.gazetadopovo.com.br/	1970-01-19 22:15:58	Name: _gat_uolMain Value: 1
www.gazetadopovo.com.br/	1970-01-20 07:01:34	Name: tt.u Value: 0100007F76957961D406FF5902919D07
.t.tailtarget.com/	1970-01-19 22:59:10	Name: ttbprf Value: _frankfurt am main_hesse_de_1635358071230_3632493285
.t.tailtarget.com/	1970-01-19 22:15:59	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-19 22:59:10	Name: ttnprf Value:
www.gazetadopovo.com.br/	1970-01-19 22:17:24	Name: tt.nprf Value:
.dynad.net/	1970-01-20 15:46:59	Name: uid Value: 639831635358071161
.tt-10162-1.seg.t.tailtarget.com/	1970-01-19 22:16:01	Name: ttca Value: _1635358071
.t.tailtarget.com/	1970-01-19 22:59:10	Name: n Value: 1635358071
.doubleclick.net/	1970-01-20 15:47:10	Name: IDE Value: AHWqTUnuyQxjel6LP4i1eAj0I0wYRVGGDhsvaNsfaBIX7mzOEL9geiMJfpROIDZZqrw
.gazetadopovo.com.br/	1970-01-20 07:37:34	Name: __gads Value: ID=d0d1dc8bfacc8ff7:T=1635358070:S=ALNI_MbkhhRdSNMcQSP7cvlupzYs6RzM3A
.casalemedia.com/	1970-01-20 07:01:34	Name: CMID Value: YXmVef.ZTcuKtcd8t94ChAAA
.casalemedia.com/	1970-01-20 00:25:34	Name: CMPS Value: 3200
.adnxs.com/	1970-01-20 00:25:34	Name: uuid2 Value: 6869349155813618962
.openx.net/	1970-01-20 07:01:34	Name: i Value: 2c8afe85-9a4c-4128-9e00-480b78a3890b\|1635358073
.casalemedia.com/	1970-01-20 00:25:34	Name: CMPRO Value: 1139
.casalemedia.com/	1970-01-19 22:17:24	Name: CMST Value: YXmVeWF5lXkA
.adnxs.com/	1970-01-20 00:25:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In:qG%r!!]tbPl1M>e)ZlrFUfJ+tGXxo3bUrrh[QAD4Xn%tPL%RHM^(j='X^WqVhfviXbpRzqF1`b`OU92Du
.casalemedia.com/	1970-01-20 07:01:34	Name: CMRUM3 Value: 2d617995792760CAESEL4HUt2czoAPU3jEiEf4Y4M
.advertising.com/	1970-01-20 07:03:00	Name: APID Value: UPce54fc4d-3750-11ec-bad7-02f59b816c62
.bidswitch.net/	1970-01-20 07:01:34	Name: tuuid Value: 659e9dbb-a261-4989-b93f-2f91506b6ebb
.bidswitch.net/	1970-01-20 07:01:34	Name: c Value: 1635358074
.bidswitch.net/	1970-01-20 07:01:34	Name: tuuid_lu Value: 1635358074
.mathtag.com/	1970-01-20 07:41:53	Name: uuid Value: 77f76179-957a-4b00-8d93-38559aeaa8fc
.mathtag.com/	1970-01-19 22:59:10	Name: mt_mop Value: 4:1635358074
.ops.beeline.ru/	1970-01-20 06:48:36	Name: BeeAID Value: 71d68157-0149-4350-8c72-b84806ca87cd
.yahoo.com/	1970-01-20 07:01:55	Name: A3 Value: d=AQABBHqVeWECEDxn9a4ohx73NpE5-i6jrlgFEgEBAQHmemGDYQAAAAAA_eMAAA&S=AQAAAmD9XmgW9XDlyRyaENEqMuo
.analytics.yahoo.com/	1970-01-20 07:03:00	Name: IDSYNC Value: 18wq~2176
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPce54fc4d-3750-11ec-bad7-02f59b816c62
.yahoo.com/	1970-01-19 22:17:24	Name: APIDTS Value: 1635358074
.rfihub.com/	1970-01-20 07:37:34	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3tDQ1NTI0NrE0NBDiM9TV1U33cjK2tAjPDImX4jU0MzY1NrUwMDcxNDICAJYC6lk0AAAA
.rfihub.com/	1970-01-20 07:37:34	Name: eud Value: H4sIAAAAAAAAAFvFwmtoZmxqbGphYG5iaGQEAEd9xFkQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3tDQ1NTI0NrE0NBDiM9TV1U33cjK2tAjPDIkHADKZrcglAAAA
sync.srv.stackadapt.com/	1970-01-20 07:01:34	Name: sa-user-id Value: s%3A0-30d075f6-6f5e-4a8d-51e6-c7a2bfef97d2.DSyiCkQXK1L%2F0xMYyiQn%2B2JSnqtX0dknqLLEbxtk7gg
.srv.stackadapt.com/	1970-01-20 07:01:34	Name: sa-user-id-v2 Value: s%3A0-30d075f6-6f5e-4a8d-51e6-c7a2bfef97d2%24ip%24216.131.114.229.2Tc03ENw0IaH2lFFOusXjspRsgxBSzmI%2FqaYFiUK%2Fyk
.krxd.net/	1970-01-20 02:35:10	Name: _kuid_ Value: OckVPS37

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/stories/flamengo-x-athletico-escalacoes-provaveis-como-assistir-data-e-horario-copa-do-brasil.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/stories/o-que-esta-em-jogo-para-o-athletico-na-semifinal-contra-o-flamengo.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/contra-o-flamengo-furacao-nao-e-franco-atirador.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/com-dois-titulares-remanescentes-athletico-busca-repetir-historia-no-maracana.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/coritiba-empata-em-maceio-e-ja-pode-marcar-o-dia-da-volta.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/luizao-assina-renovacao-com-o-coritiba-feliz-e-motivado.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/careca-do-talco-torcedor-fluminense.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://json.gazetadopovo.com.br/stories/revitalizacao-da-orla-de-matinhos-as-obras-e-os-prazos.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.semprefamilia.com.br/json/stories/pasta-de-amendoim-uma-queridinha.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://json.gazetadopovo.com.br/stories/nao-e-so-auxilio-o-que-a-pec-dos-precatorios-pode-bancar.json Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.gazetadopovo.com.br/? Message: Access to XMLHttpRequest at 'https://apps.gazetadopovo.com.br/cxense/cxense.json' from origin 'https://www.gazetadopovo.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps.gazetadopovo.com.br/cxense/cxense.json Message: Failed to load resource: net::ERR_FAILED
deprecation	warning	URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69 Message: Application Cache API manifest selection is deprecated and will be removed in M85, around August 2020. See https://www.chromestatus.com/features/6192449487634432 for more details.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0emsuhyuec.execute-api.us-east-1.amazonaws.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
ade.googlesyndication.com
ads.yieldmo.com
adservice.google.com
analytics.twitter.com
api-v3.tinypass.com
apps.gazetadopovo.com.br
assets.gazetadopovo.com.br
b.t.tailtarget.com
beacon.krxd.net
bid.g.doubleclick.net
buy.tinypass.com
c.eu1.dyntrk.com
c2.piano.io
cdn.cxense.com
cdn.navdmp.com
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
cm.g.doubleclick.net
code.jquery.com
comcluster.cxense.com
comments.gazetadopovo.com.br
connect.facebook.net
csi.gstatic.com
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e8af869f1ccbc0f59ffa594d54ab08a7.safeframe.googlesyndication.com
events-api.gazetadopovo.com.br
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gdp-prd-data.s3.us-east-1.amazonaws.com
google.ops.beeline.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.cxense.com
imasdk.googleapis.com
json.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
m.t.tailtarget.com
mcasproxy.azureedge.net
me.jsuol.com.br
media.gazetadopovo.com.br
multimidia.gazetadopovo.com.br
news.google.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
play.google.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r5---sn-4g5e6nz7.c.2mdn.net
rtb2-useast.torchad.com
s.ad.smaato.net
s.dynad.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
scdn.cxense.com
securepubads.g.doubleclick.net
snap.licdn.com
ssp.adriver.ru
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
t.co
t.dynad.net
t.tailtarget.com
tag.navdmp.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
udr.uol.com.br
um.wbtrk.net
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.admin-us.cas.ms
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
x.bidswitch.net
apps.gazetadopovo.com.br
events-api.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
um.wbtrk.net
104.111.242.245
104.16.11.243
104.16.42.65
104.17.183.177
104.18.225.52
104.244.36.20
104.244.42.131
104.244.42.5
104.26.10.91
108.128.115.18
108.174.11.37
116.202.80.165
13.107.42.14
13.32.121.37
13.32.121.78
13.32.99.10
13.32.99.79
135.125.160.77
142.250.181.234
142.250.181.238
142.250.184.226
142.250.185.134
142.250.185.194
142.250.185.67
142.250.185.97
142.250.185.98
142.250.186.100
142.250.186.110
142.250.186.174
142.250.186.35
142.250.186.98
142.251.5.155
157.240.20.19
172.217.16.130
172.217.18.104
172.217.18.98
172.217.23.110
172.217.23.97
173.194.187.170
174.137.133.49
178.162.133.149
18.196.195.54
18.197.99.6
18.66.112.34
18.66.112.54
18.66.112.61
18.66.122.127
18.66.97.111
18.66.97.122
18.66.97.57
18.66.97.74
184.30.20.241
185.29.134.248
185.60.216.35
186.234.166.12
193.0.160.128
199.232.136.157
2.16.186.19
200.147.166.104
200.147.3.137
200.187.199.64
23.55.110.164
23.55.110.18
23.79.131.70
3.126.56.137
3.228.133.61
34.102.185.99
35.244.159.8
37.252.172.38
37.9.245.57
51.137.137.121
52.17.176.161
52.216.85.214
52.216.93.117
52.222.214.129
52.222.214.86
52.222.250.119
52.30.120.14
52.50.59.60
54.171.104.28
54.194.126.20
54.233.124.69
69.16.175.42
69.173.144.138
74.125.133.94
81.222.128.213
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
04ffb6aba449b2ab9c7dde8da8b4b3d2059a49859ed660474092b0d0a9a9fad7
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0612d71c1b861fd864c9ab87f88fe948ed0c55fccc79f27f09c0582645f0d844
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0a9c508da586d17cbc5cbff283222c1fa809ea9a10fc5ae46af8f9da6b48f52e
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c3ce70e61d9a67ba701f05ab26feb479d3c0c90ec09f2869d6e7010c4eac6b4
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dd7afab6469b9250302c9a8e02f8c4783e1cd2d2244dead450cb1d765b90f2
1110db8c294323e2af8ff57b8e2ef664164b4cd9cbbd0e474bd5c7fdf4dfece0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134714a051b3ccfd97008fab252ed53ce92c09fc93fa024ed428601abfe6e1c9
147865254662a7ed2a4e4994e580e8f0c3d2babea25bd037571871dc8e32c31d
15103bffe388c0f7cdc7e5199d79efdb18b51ebfd37fe82c02b5e9d461bf0240
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b
1849a27073863e5a136f7f28500e2482a25f2f3cfe037ff2d2b5da03053e7857
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1cc3720d9c0c8c7f139872371154108a193a6e40c535b8e58c36b40b9f95638a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
1efc80ef806cf3cbf55b2821b53edd91ce63af93dca5c8d0468dbb1d6a016a67
1f1ce7a234950f0aaa9ac2a7df59354325a4d4133ede54fff8e28c53c5b0e9f7
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2043645ef931296f9a342ee361a5e9b1bdefb91718765514acc15167d5f7b360
216a380fbf08ff5e84de976fb1e126e73587adc46c54eac50083a914cabda3f6
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24fa50a9f25c4044f2827b43785231eb00e731b6d1c26b8ef8fbb7a5b5146c41
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
26eb930de18aaa2b194c59094ae4b549635f240e28fa3d2cda81458a46bc84f0
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
29f927c276cd3f2aea080625d9185771d47e0e4fdc7bd0a4926bfda7e9cb3494
2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de
2e0827daff6d9baa80b02f8d0c386995493de951330be4e51074754b03a9f92b
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c2fa750c12d8e9908ae6e3dbb3fcd606ca9568b7a89a1b700aa691f7ca78c
34a04668df620632bffd65dde8d0d8ba260543b6d7298e869f4685ce3d49078d
35843a0171ff7f2a8e44cb69f8056fbf8e3c1cacd14b47a7b9da96e44c51c572
35dcfaf3dd7c34640d28bd57038a4acf771e8e11a3d52a758a126d5e875c3e74
362368ae3d8f674f5a57b794e7c35f26b4957321720a05d4fe7f953e9c33a052
383423ebc7af812b7810df60473cf5e1d8699c80bb070cfac189c153a4d6e136
39698ce41079657012747cdfe722473832b28ce9fd660c8ebff338a9550bc231
3a2b8f34839f743b053a8fdc69b9dd44d5a6f7e8a3c271d05fa88b8110ff2180
3ba699398f04670c9aeee9c10630dc457a7349f569f2a7ea86173dc45b1dc7f4
3cd98560917ec38e4548d395b94d72bf62c45e6f9588560687f420cf3b07f446
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8
3eeab97438677d1c865a7e3275847c650c0e194b751e4630149ffe132857d8fb
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48e42f55b8ded967bc4c432c75beeef71233188073c7335413f8dec067395f21
49457d7c0afbc341fa4d39738cf082414995de9c5baeee95e60face849870180
4ac13ebe88bf3c5f61e2bef3633c08b43f9ef738e476663e8a80943905d4ad09
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4b9f14aad2e54ad79df17ebbdefefd5b255e048b1d9fa08132c496ef0e1d7128
4c47de516d56c4fb95cfe46a98c2916a1adda20da42f6e60e2f0f4c9f9c2bc75
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb1273da17f5347d1f51d83d49cdfd942321431a8d1ba798c1df677d4b163a2
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52b4c638e73a20f4947296d1c3145fa285c7cc2d0ed166f857f05ef24a7baa97
53befddfda1e3786650da50bc58cb98758eac41e1e76410519a4bfe6d7361b1a
545f595f2dfe627ebc65674ab5a2670731c66b192e65192d6387166cce8ecf6c
54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7
568d97c1bf323dee478c22c0082f55644bc7eb2aaba91f8b4f2e26dc8d2d6406
57652e0800d22b6c2fba9259642a84354183fc95b8302af0c4e2798ea5865971
57d22e40b059991666e3b9114b2c0d6afe872d806c5c7bf66a5e3ddc5e4fbf7e
58633a0041a265546c1fa1e50e99025ac0ae98ed7330183de3c28ad637da4a21
58a037df6363b1c9619199cf7fdfad3a84469cd508cfa83320e2bedf64aadc8d
5a23f59f8fdcad14e9755e6ce7e0d102685164c009d4cb1f33209338029884df
5a9f9200d83c2f4afd7e36da8101fa371fe4c68f48454b7dacc4142a1cb06510
5acfc22b6bccdd38335fb6f7c6960a79ab031522ca836c6027df46e815a50d1b
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5e1b92b2659d03e5ef5979521cfa37866c2190a6b9be2430ecbfbd394004cc32
5e8a443bbd226547d0d3a31a8044a24cf433d2aad5f5db0dc64d7c1f89ea172f
5fe49f883c0cb52c5eb86b9a0f4cd3a9ebcfb19516ea92454124d6873ea028c3
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
636d2b5162f1287e124ff05cb26d8b3e5a4cd849476faa928d23e20ceff32a80
64f9c7cbdf4b4f907181b6967cf529fa4dcdad013e962a6d43deaeaa24166677
651b24999e5a9eb1a062177ffb67df2ad8c84d2aa1339405b24fe57770a74b0a
66b43a68a26be50250a9c878dc6b82dcdffe32e77aa0b8612d430331bd4d51c9
67d401d1577a373960dc234444cb5c66fc7425a783dfb985c2092d2dffbff15a
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
69a4997a104bc6b841f58b65a29ccc37f74c9c64608f3cbf9029374d83e99695
6a300db12275c3d223ad200b90c250265854336e8006718a3d2f79d5487f635e
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5
6dff6d654b6c8b1042a1dfed3cf2f5ffe166caa6b9bba2a7b3eb990bcc6a90c9
6eeecd6bd3c9ea80b052041540420a80f972405b068c38139234fb43adf880c4
6f3a98bfba7251a1a34c149ac3ff57e0d7357293ea27f772b983afb440e86988
6fbba749e315ec87f829d6584f70436d6ca094e75d8a2512ef0245ca3461197a
6fcbf8f826610a94869ae066775452682c44e8f245cc9724fc4a8b4d66e58f19
7012d2c12a9eb74e7545d1d090ad0d40cf67b9c2f62221cef76a75ad97ecabc0
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
72bf8b99bb7320edd2475d29e066a568e439d51a9a0d91cdb9e9b2e1605bad46
74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96
757253aed16a4d35fb0c2ae0990af43140a2da9ff14878fed113c8e91f1f876a
75f9c9ab4c9656f1348fab37ccdf6d9997fe6e0eb3c97a6fc117fcfae216f96f
76ca5467f8810d8aab93bce3ab2a9135bb3a798546894db94230f01f42c88439
76dbea41dd727043e419933741d4cc80b6f9e916054b52399d16669302257577
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
776afdef9f5b543e25108a738e2664f0dfc2daf93f3636d85dd1bea2b3369033
778900368280e92c187004df20e152130187cb49b9be56e8a9cfb816f3f489e0
82a7381148f6fe9acffb752263f92066da278bd671eb620dcc54e9019c359a5e
8311a3e206b22315a5f2c72856dbf5df9d7c68cdab9566b3c12c975f87737cfa
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b1cde03f379884890844e9213ed51166d960c71e38a46c0f892b18d47eb854
841e868069d20bea49dee98335e606664e2eecec9db4484f1627692fabdbbd03
847c1e544245da46758e637c6e8676d90f02919133c763f93d9e233d97cc94b5
84e6390158f84c260ce7a6c38c3ca41aaf4996b379ed5b586bd36814854e7e3a
86082aca02e82bf745c5f1f5e18fa7592796275f011ee6b213b7b0533415c4a1
866229495ace15f688488e782403a5e5e966c7712c0ac56a230577c304c02668
86f0ff1dcb2cc86bab41c5298f45934e7b7212512e02ca79fce721ba1c499df4
87967a62442fcfd180e5f36ef63322cb59ff7231b44dbbb2f8120b70fc62a315
882564c4c16ddf59cda8f019560a6228f7fe189e6ac2613b942f7bc92ae1c85a
8894e5807356002e723c5f848fd12a1d00c6c098ee9434f6e81ce5d6240b67ec
88c210c87fb4746c06d21f5d98b2d29d740986e3902869329b200b5fb83752c5
897405c3c5fad9826d268f7842df3e57d476fe55940141c285c19dec53f4fc32
8a9165cf4c2f9d8b865f95259a801468adbd400676b85131e04b0fe776d13cf3
8cb068524690951fd4d8d53ad3fb0766489be980a9831272b9581502547f8490
8d3092d1870aed6d6d709a5bb1dc6b223d529fa70e69ff06ee2531b04474086d
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
908063262193df054b54faac0eabbeea2a8a1573b594a26a36c1074baf7ead6d
90f9000d4a9998f00d1e06594b284f0e0ca5d2d68b3d92a10185903cb644d8d8
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
914395c816217f5f36fd14147d998df0177959dcfbd0f1feb0ec2145485887c5
947e3dec03b8a6a3d77e890d173bc946ee51b395db9ab32d971da1996305a409
95203e1fa78db935eca062c382e421567370cefd8c5693c85a2c7165a5a57da3
95a55e45359b8cf1d30f2f32ae9046cde607ecb2d4c4e595196a6d70c0b31c84
95dcb4729e461eaa9a06e8e72533aae86ca01f5a6fa87e7f43261a9b799819d4
97666956e5e2edfb7808901e0069bed90df2996ff466b9d67de8f3efe9c8e56c
99c8572c351b21a8fb0fb1b7b1b497933696b4790f1a2fc4767cec9511f23bd0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a
9c9e9dab3708a35a27e35efcfa0b53a99bae04a413eefb5fcc7dbcb74db66863
9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e
9dc65c3007d1fe13b1f2858fe945ab09977bbdaa75d479f5611c1e167a66d60a
9e47b10908b862b2dcbbf45bae0577a92adbd0f561abb8c2ffd638f319223eac
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff4373331349c1b6e77ade3ebd0d0a5b76dd8762aab0bb0aa5dccf0a58fee35
a0280a7b1d4a03737a7f010a70d137095161ff4b34ed444df8b50724e48de55e
a09e85b6e312ddf4e427f8ca7d9d19bbbc7c017a6062a76827cec302fa7f25e4
a0c87c5224295c4fe0eb950c37317e5853d35ecfecabdf57d2178c211f843576
a240670c57ae687193af6c756203ee4c51051d11df0803f30508c28ea0e3fb21
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2a2cf6048ef9775f728b175ded3fc929809a74aaddfcc9b2ebc93f24c7c6384
a34a772480a9b13a781ad68262626cad935c24e033e43625a7a5634314dc6fd0
a43e3cf2259c50480fa45042d2df7b76f5da76e41e966fb11215f7345f37969c
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cb940837e732f8a394c3826f322d8815f2e8235e64235ca5aa81d466ae4337
a801a5b5d2982f418de6aba8e877b30b0d879f844477225ceab0f3ef1fb3b457
aa1bf376243c78d775dfc9c269907505ef8aa34851f6e29b846cef7bd2c87929
aa251469e9cd216c2d9dec0a2938616ef395f922bcf78ee33913fbfc13377cd8
aa624e0eb74682aea7ce4d1d669db8da3a445dd0a3439e8569ce103278aac7a3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc12c15e7fb06629d0d9f5dff43a200fc8fe93d2db10a26e82238bd4ea60ff5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b192017f38eb63f9b655e507a62851961e119d135263289d263feac8981b5b
b22431c77bcb1bfbf4d4a8efd58e7763f982f548dd02eea1ae2a58e8386bb0d9
b400103b8114517860a9643418c60aaf23c99e7824f108e26420017fa89177de
b48cd5eb38e1f0cdb006c24936622127a941296716987a568c2c400b7c4305fe
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22
b7d2f5805c98a26b70271152de9aeaeaf1d24f0e09a117d0375450025a1a5b3f
b8da8e52296676165c830e196e85d3d6e4afcde6b5b8a7c3f35aedbb23b6257e
b93d7375def0bc8fa57bbb46b7aa8f55e270614089afd1d10379ac36f0da3f59
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
bab6e50d40f8da4bf9a66a69f0009c2e6fbb7410d4f17c58ab7801fa781b84c8
bb91488ff052f3fdaa8520fce9f51a371fd1790b620ceea1048393db80faf7cc
bd36f0144ce39a25335a57083c879abd621ef5d350f9d19d4fb37373ecb98342
c015e9896ef640d1df16bb9927f607d77748a6a02859a1409467523e92f9f651
c1437aa277939c2f0d171877ef8786151fa0ce29ee82d178cc89aa43728212b2
c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c
c21e74fee73ebaf20ce765bbb0c2128a0e601000c656a610deaa56d9dbc0c418
c2920ce872d83e9ae339e5f4b46f49666793a4f4fe6369aa471355958cb44e1a
c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3
c3fa8839a59dbe8cd66a9b913dbf9db6ef3dffd0e5fd60cf3e4444370a031e9e
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004
c98d9904054377adfd1098364f5858c8da896b78b91069fa8311050dfd3c6486
c9add5e3c07b9f0bb188d353c611250ee62fa5571662710ce4b65ba03879df2b
ca26c1775554aa86b1e634582c3d6a7bc63ba0b0e593337758a14515ad858010
ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300
cb493f8ca145a89c8e12732edf82b7c431d199322032b68daa17ee802ae8aa37
cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace
cde00762e4fbc61ed3a8f6e907595824981373d791648737fc0631637a263546
cf0651e068bb71f4b732881a5fd066173b798ee195561261004532b83a3267e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d037f7cba17758b917be4836bbba0716d8f915d54e30b6814e157f54defe427f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2e66d1d7a17d523ccf19986ee33561b335b75dcd51713ba4c60d098d9ee3e59
d52d2c836fda275efc4ed5a25fa2371e567e88ffe51b7fbd08b5598d11d6c840
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d5bf089c01a9adf149949340b889cb9173b4dd6549db4061f9ccde585eade351
d64526eb2ee22f3d50584335dcb31ff6d32e112e6d03c6912face950b837d324
d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1
d79ee48b41adcdf010d27965c43c65fc9607aef7df3f8d0ba770905512d32bfd
da2ec51c7e1c950ae18d4b75265bce0e9b40affab477bbf23b7e97f16a64be24
dca6610635582d2632c59786b84c0ee94299fe7bedb687f18211ce668dcef52d
dcfab3bc3c3228df88ef48cdc758856f3821b987f0720cfa608b541c175e0777
ddc395f1550e6bce4260acc0040f068ec4be3767c5bb36770d71b9820793d850
dede76926400ad9a6d0e6af528690f407a1bc23666f873f81905cc8e513d5ee1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df92e1a597e336a159cce9cb8caebbbf5d1e8601a6645fb91e688edfaa556ac3
e0030d033f241b8435ec583baaee9faf7cb962e96a74e9e496838befb4c7a619
e0bf750d3b2c04ef59f40ed9435e1aa96ef401618d5eaa07c1ea6685a1486a53
e19f257d48f64525d72a73ddd7981b9f2001c3a7381f24f699c270ed0e2fc27e
e28bb527b04559454f041033f6f1ebd32bb95471f0223c4843b81aa0bff675cc
e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e394aefd31ae38b9af4250fc1904d3168422ab30316021ef28c277a8c9a7cf2e
e3a89ef6a3db1057123138fe29b291a5bd2caeaf27b49c2ec88c4465f7cd6118
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7865205f95ce64f67024ecf18823f6f82eb2ef4429d734cdc538e6b4b025803
e9ea1fe797ea00beaf9d57ea696deb58fbd9382ee052eac189f43189be6b73da
ea12ec4b7dd7bbd7ee0544a3b7b5ce6e1bd5170b99ad50b147f80f755f36cd78
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eac5d9b2e9a2d31dacee6670f25750bb87dbcd94a893f866a13984dce8e161c7
ec0bd2b08c50df25423769688b10ce2081bb4f7d9dd5c8f30e1361795f82afc4
ec1475b247727eafc6fb517ce6e610526639e1fe95a9e7f198659588a9b28ca8
ed80f8b280b3966ae6ce418fa8d5342ac7cda41e5e77a9fb92034a8c1a878dbb
ee0866678e069b907d4246e782432ac16ed0153d2b8b49da888054317bc09583
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b
f06c2d39148f7bf2e6e5a45d6d8985aa6d5b7dc7663f64e1761f4d66b67a9f36
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f96625455b6fb1d1f054ee573226695413ea2e8ffe5f1844b0cd6ace9ed8b950
fac9261277f9c13d359f58c90340164440759b7843d339cf222d4f61e7ac6599
fcb07cdb8d4ce0197488603cdb503f41f574816ad578c1279f6c6f9e16fc38f2
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ffe9131535d3d2735fde7b822bf5639f53416e35634a740f488c7d1957155695

www.gazetadopovo.com.br Open in urlscan Pro 18.66.97.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

497 Requests

93 %HTTPS

0 %IPv6

58 Domains

106 Subdomains

75 IPs

8 Countries

4980 kBTransfer

72870 kBSize

85 Cookies

85 Outgoing links

Page URL History

Redirected requests

497 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gazetadopovo.com.br Open in urlscan Pro
18.66.97.122 Public Scan

Screenshot
Live screenshot

Full Image

497
Requests

93 %
HTTPS

0 %
IPv6

58
Domains

106
Subdomains

75
IPs

8
Countries

4980 kB
Transfer

72870 kB
Size

85
Cookies

497 HTTP transactions
5 data transactions